Harness Release Notes Summaries
Explore release notes from the last 30 days across the Harness Platform and modules.
INFO
Please review the full module release notes by selecting a module in the sidebar, or using the View full release notes links beside each module summary.
Platform Release Notes
Platform
View full release notes →Security Improvements
- Enhanced security by preventing the exposure of valid usernames within authentication error messages.
Access Control
- Resolved an issue to ensure user group permissions are correctly managed and gated by feature flags.
System Maintenance
- Standardized the code coverage tool version for Python environments to ensure consistent system performance.
Delegate
View full release notes →Security & Performance
- Updated core dependencies to the latest stable versions to enhance overall security and performance.
- Introduced a configuration setting to limit the number of Docker tags fetched per image, optimizing performance for large repositories.
- Enhanced the accuracy of anomaly detection models in scenarios with limited data.
Deployment Reliability
- Updated deployment retry logic to ensure all conditions are re-evaluated before each attempt.
- Refined ECS deployment checks to more accurately track service status and avoid processing stale event data.
- Resolved a bug that caused unnecessary retry loops when specific resources could not be found during deployment.
- Fixed an error occurring during connector validation to ensure more reliable and consistent connection testing.
Cloud & External Integrations
- Fixed an issue where AWS deployments using OIDC or IRSA authentication failed to recognize connectors correctly.
- Improved compatibility with the latest CloudBees Jenkins integrations by optimizing API request parameters.
- Enhanced error messages for AWS authentication failures to provide clearer troubleshooting steps for permissions or installation requirements.
AI for DevOps & Automation
Continuous Delivery & GitOps
View full release notes →Governance & Security
- GitOps now integrates with Open Policy Agent (OPA) to enable policy-based governance and validation for applications.
- Improved error reporting for missing secrets by including the secret name and scope in the logs for easier troubleshooting.
GitOps & Infrastructure
- The GitOps service now uses Git notes instead of commits to track state, reducing unnecessary repository updates.
- Updated the ApplicationSet upgrade process to support Server-Side Apply to accommodate Kubernetes configuration limits.
- Resolved a URL formatting error in OCI Helm connectors that caused chart fetching to fail.
Deployment & Configuration
- PowerShell script steps now correctly preserve formatting for multi-line output variables.
- Fixed a failure in Azure ARM resource provisioning steps when processing specific template and parameter formats.
- Resolved an issue where orphaned data from deleted projects prevented the creation of new service overrides.
Workflow & Templates
- Organization-level step templates now accurately display their references and support version comparisons.
- Improved notification template reliability when processing error messages containing special characters.
- Execution links in Git status checks now resolve to the correct page for all account license types.
Continuous Integration
View full release notes →Security & Secrets
- Enabled Azure Workload Identity authentication for building and pushing to Azure Container Registry.
- Enhanced Kubernetes builds with support for additional identity claims when integrating with HashiCorp Vault.
- Improved handling of special characters, such as double quotes, within secrets during pipeline execution.
- Strengthened security for Test Intelligence and Artifactory components by upgrading underlying runtimes.
- Resolved security vulnerabilities in test execution binaries by updating internal dependencies.
Execution Visibility
- Added CPU and memory usage metrics to cloud build logs for better resource monitoring.
- Updated cloud build logs to display specific machine size names instead of generic resource labels.
- Enabled real-time status updates for container-based step groups during execution.
- Improved error logging for secret retrieval failures to provide more actionable troubleshooting details.
- Enhanced GitLab integration to provide real-time pipeline status updates for merge requests.
Cloud & Storage
- Introduced new steps to save and restore build caches using Azure Blob Storage and Microsoft identity authentication.
- Fixed an issue where repository URLs were incorrectly resolved for commit-based builds in Azure Repos.
Build Management & Reliability
- Introduced branch-based version counters to allow independent build numbering for different branches.
- Resolved environment variable resolution issues when using Docker Buildx Bake on Kubernetes and self-hosted runners.
- Fixed a failure occurring during pipeline re-runs when specific delegate selectors were used for source control tasks.
Infrastructure as Code Management
View full release notes →Security & Secret Management
- Link Vault connectors directly to workspaces to automate secret retrieval during infrastructure runs.
- Enhanced data security with automated sanitization of sensitive values in infrastructure workflows.
Framework & Tooling Support
- Native support for AWS CDK, enabling infrastructure management alongside Terraform and OpenTofu.
- Advanced Terragrunt capabilities including expression support and automated pull request comments for GitOps workflows.
- New user interface for creating and managing Ansible inventory plugins.
Workspace Management
- Redesigned workspace creation experience with a more intuitive interface and standardized configurations.
- Improved interface for importing Terraform resources with clear fields for resource addresses and IDs.
- Support for retrospectively assigning templates to existing workspaces via API for better organization.
Platform Stability & Modules
- Resolved stability issues and errors when managing or updating entries in the module registry.
- Fixed issues preventing the creation of module test pipelines when Git enforcement is active.
- Restored broken navigation links between pipeline executions and module details.
- Integrated system telemetry to monitor orchestration metrics and improve platform performance.
AI for Testing & Resilience
Chaos Engineering
View full release notes →Security & Access Control
- Enhanced secret management security for Redis and VMware fault configurations.
- Addressed access control gaps and improved UI error handling for user permissions.
- Updated installation scripts with necessary permissions for network traffic monitoring tools.
Chaos Studio & User Experience
- Streamlined Chaos Studio by consolidating action and probe variables into a unified Inputs section.
- Introduced a Resource Selector to simplify the selection of probes, actions, and faults.
- Improved the onboarding process by ensuring the Network Map remains stable during configuration.
- Added dedicated UI support for managing experiment templates on Windows and Linux infrastructure.
Infrastructure Support
- Expanded Linux machine chaos capabilities with new network, API, JVM, process, service, DNS, and disk faults.
- Enabled egress rule support for network restriction faults in Amazon ECS environments.
- Updated ECS Fargate sidecars to support multi-architecture environments.
- Introduced live logging support for Windows and Linux infrastructure.
Disaster Recovery & Reliability
- Launched Disaster Recovery support featuring new APIs for test runs and variable management.
- Enhanced execution workflows for Disaster Recovery components and nodes.
- Resolved an issue where load tasks could occasionally become stuck in a pending state.
AI Test Automation
View full release notes →Integrations & External Tools
- Full support for Jira integration to streamline project workflows.
- Direct links to test runs are now automatically included within Jira tickets for easier tracking.
Test Authoring & AI
- Support for nested tasks to better organize and structure complex test scenarios.
- New drag-and-drop command specifically designed for slider interactions.
- Enhanced the AI prompt enhancer with support for dynamic parameters.
Visibility & Interface Improvements
- Added an environment name filter to the Test Run page for more efficient searching.
- Renamed 'Validate Test' to 'Run Test' to more accurately reflect the action being performed.
- Added visual status indicators to show when the system is busy processing.
- Fixed a display issue where AI Copilot tasks appeared multiple times.
AI for Security & Compliance
Security Testing Orchestration
View full release notes →Security & Vulnerability Detection
- Introduced Static Application Security Testing (SAST) to identify security vulnerabilities, exposed secrets, and vulnerable dependencies within source code.
- Enhanced Software Composition Analysis (SCA) to detect vulnerabilities in container image packages and libraries with risk-based prioritization.
Issue Visibility & Reporting
- Corrected the approval timestamp display on the security exemptions page to ensure accurate tracking.
- Fixed a display issue to ensure file names for Mend scanner results appear correctly on the issue overview page.
Integrations & Workflow
- Resolved an issue that prevented the successful creation of pull requests within the integrated code repository.
Supply Chain Security
View full release notes →SBOM & Vulnerability Management
- Added the ability to filter SBOM components by dependency type to better track component relationships.
- Extended SBOM vulnerability visibility to include results from all supported security scanners.
- Fixed an issue where the vulnerability filter for dependencies on the SBOM page was not returning accurate results.
- Resolved a discrepancy where the SBOM component count on the Overview page did not match the count in the SBOM tab.
- Updated the SBOM Score API to correctly process repository names that include the HTTPS prefix.
Infrastructure & Compatibility
- Updated plugin compatibility for recent Docker engine versions and provided guidance on using supported base images to prevent execution failures.
- Improved Java environment handling when generating SBOMs for repositories to ensure smoother build processes.
Visibility & User Experience
- Improved the Chain of Custody by ensuring deployment events are correctly captured and displayed during artifact redeployments.
- Enhanced search bar responsiveness and fixed visibility issues with image layer filters.
- Standardized artifact naming conventions across all platform steps to ensure data consistency.
AI for Cost & Optimization
Cloud Cost Management
View full release notes →Security & Infrastructure
- Upgraded container images with advanced hardening and optimization to reduce the attack surface and improve security.
- Added full support for AWS Instance Metadata Service Version 2 for more secure EC2 metadata access.
- Implemented general security enhancements across the platform.
Resource Optimization & Automation
- Enabled in-place pod resizing, allowing the system to adjust CPU and memory for running pods without requiring restarts or workload disruption.
- Enhanced AutoStopping logs with pagination, 30-day retention, and the ability to export data using a preferred timezone.
Data Visualization & Analytics
- Improved the readability of recommendation charts by automatically aggregating data into monthly or yearly views for long-term time ranges.
- Updated the anomalies widget to automatically hide legends when cost data is deselected, ensuring a cleaner interface.
- Fixed an issue to ensure the creation date is accurately recorded when generating recommendations.
User Experience & Controls
- Added a refresh button to Cluster Orchestrator tables to provide instant updates on nodes, workloads, and logs.
- Resolved an issue where renaming or moving a Perspective would cause rule builder configurations to reset.