Harness Release Notes Summaries
Explore release notes from the last 30 days across the Harness Platform and modules.
INFO
Please review the full module release notes by selecting a module in the sidebar, or using the View full release notes links beside each module summary.
Platform Release Notes
Platform
View full release notes →Security Improvements
- Enhanced authentication security by preventing valid usernames from being exposed in system error responses.
Access Control Updates
- Resolved an issue to ensure user group permission checks are correctly governed by their respective feature flags.
Platform Stability
- Improved system consistency by standardizing internal software dependencies within the environment.
Delegate
View full release notes →Cloud Provider Updates
- Ensured AWS Auto Scaling Group steps correctly use OIDC and IRSA authentication methods.
- Improved the reliability of ECS deployment status checks by filtering out stale AWS events.
- Updated AWS authentication error messages to provide clearer guidance on permissions and tool installation.
- Fixed an issue where missing pods could trigger unnecessary retry loops during the deployment phase.
Deployment Reliability
- Enhanced retry logic to ensure execution conditions are re-evaluated before every step attempt.
- Improved the accuracy of anomaly detection models in scenarios with low data volume.
- Resolved errors encountered when validating connector configurations.
System & Integration Updates
- Improved compatibility with CloudBees Jenkins integrations by updating API request handling.
- Added a configuration setting to limit the number of Docker tags fetched per image, optimizing resource performance.
- Upgraded core system dependencies to enhance overall security and stability.
AI for DevOps & Automation
Continuous Delivery & GitOps
View full release notes →Governance & Security
- GitOps now integrates with Open Policy Agent (OPA) to enable policy-based validation and governance for applications.
- Error messages for missing or misconfigured secrets now include the secret name and scope to help identify and resolve issues quickly.
GitOps & Kubernetes Updates
- Source hydrators now use Git notes to track state, improving repository cleanliness by reducing unnecessary commits.
- Updated the management of large resource definitions to support server-side apply during upgrades to avoid size limitation errors.
- Fixed a connection issue where OCI Helm connectors failed to fetch charts due to incorrectly formatted repository URLs.
Infrastructure & Deployment Fixes
- Resolved an issue where Azure ARM resource provisioning steps failed to process valid JSON templates during deployment.
- PowerShell script steps now correctly preserve newline characters in output variables, ensuring multi-line strings are not flattened.
- Fixed a failure when creating service overrides in environments where the parent project had been previously deleted and recreated.
User Experience & Visibility
- Git status check URLs now correctly direct users to the pipeline execution page regardless of which modules are licensed on the account.
- Fixed an issue where organization-level templates failed to display existing references or load version comparisons correctly.
- Resolved a formatting issue in notification templates where special characters in error messages caused the system to fall back to default templates.
Continuous Integration
View full release notes →Security & Secret Management
- Enhanced security for Test Intelligence and the Artifactory plugin by upgrading underlying runtimes to address vulnerabilities.
- Added support for granular JWT claims when integrating Kubernetes builds with HashiCorp Vault for secret management.
- Improved authentication for Azure Container Registry steps using delegate-based Managed Identity.
- Resolved an issue where special characters like double quotes were incorrectly handled in secrets during execution.
Visibility & Troubleshooting
- Added real-time CPU and memory usage metrics to pipeline execution logs for better resource monitoring.
- Updated build logs to display specific machine size names instead of generic labels.
- Improved real-time status updates for container-based step groups and GitLab merge requests.
- Enhanced error messages for secret retrieval failures during build initialization to provide more actionable details.
Build Tools & Caching
- Introduced pipeline steps to save and restore build caches using Azure Blob Storage with Microsoft identity authentication.
- Improved environment variable resolution for Docker Buildx configurations across Kubernetes, VM, and local runners.
Pipeline Execution & Integration
- Introduced branch-based version counters, allowing build numbers to be tracked independently for each branch.
- Resolved an issue where repository URLs were incorrectly resolved for Azure Repos commit-based builds.
- Fixed a failure that occurred during pipeline re-runs when using specific delegate selectors for codebase tasks.
Infrastructure as Code Management
View full release notes →Security & Secrets
- Integrated Vault connectors with workspaces to automate secret retrieval for infrastructure workflows.
- Added resource sanitization for sensitive values within Terragrunt executions to improve data security.
Framework Support
- Added native AWS CDK support for workspace creation and pipeline execution.
- Expanded Terragrunt functionality with advanced expression support, security scanning integration, and automated pull request comments.
- Introduced a new interface for creating and managing Ansible inventory plugins.
Workspace Management
- Redesigned the workspace creation interface for a more intuitive and standardized setup experience.
- Enhanced the Terraform import experience with clearer fields for resource addresses and IDs.
- Enabled the ability to retrospectively add templates to existing workspaces via API.
- Resolved an issue that blocked the creation of module test pipelines when Git enforcement was enabled.
- Fixed navigation links in the onboarding module to ensure consistent access between pipelines and module details.
Registry & Platform Updates
- Resolved an issue where editing entries in the Module Registry would fail with error codes.
- Fixed a technical error occurring when updating module registry entries.
- Implemented telemetry tracking to monitor platform performance and improve the user experience.
AI for Testing & Resilience
Chaos Engineering
View full release notes →Chaos Studio & User Experience
- Migrated action and probe variables to a dedicated Inputs section within Chaos Studio for better organization.
- Introduced experiment template support for Windows and Linux infrastructure in the user interface.
- Added a Resource Selector to simplify the selection of probes, actions, and faults.
- Improved onboarding stability by pausing background updates while interacting with application maps.
- Enhanced navigation and internal routing within the web interface.
Infrastructure & Fault Support
- Expanded Linux chaos capabilities with new faults for network, API, JVM, processes, services, DNS, and disk operations.
- Added support for specific egress rules during ECS network restriction experiments.
- Enabled live logging support for Windows and Linux v2 infrastructure.
- Updated ECS Fargate components to support multi-architecture system images.
Security & Access Management
- Resolved access control permission gaps and improved error handling across the interface and API.
- Enhanced secret management for Redis and VMware infrastructure to improve security for sensitive data.
- Updated installation scripts with required permissions for traffic interception and analysis tools.
Resilience & Reliability
- Launched Disaster Recovery support including automated test execution and component management workflows.
- Fixed an issue where tasks could remain in a pending state and fail to reach the target infrastructure.
AI Test Automation
View full release notes →External Integrations
- Integrated with Jira to improve project tracking and visibility.
- Included direct links to test runs within Jira tickets for faster troubleshooting.
Task & Workflow Management
- Enabled support for nested tasks within automation workflows.
- Resolved an issue where duplicate tasks were displayed in the interface.
- Renamed 'Validate Test' to 'Run Test' to better reflect the action.
Automation & UI Interaction
- Added a drag-and-drop command to facilitate interaction with UI sliders.
- Enabled parameter support for the prompt enhancer to allow for more flexible test creation.
AI for Security & Compliance
Security Testing Orchestration
View full release notes →Security Scanning
- Source code scans are now available to identify security vulnerabilities, exposed secrets, and vulnerable open-source dependencies.
- Container image scans now detect vulnerabilities in operating system packages and libraries, featuring risk prioritization based on reachability.
Issue Management
- Fixed a display issue where file names for detected security vulnerabilities appeared incorrectly on the issue overview page.
- Resolved an issue where security exemption records displayed the incorrect approval timestamp.
Developer Workflows
- Resolved an error that prevented users from successfully creating pull requests within the integrated code repository.
Supply Chain Security
View full release notes →SBOM & Risk Management
- Added support to filter SBOM components by dependency type (Direct, Indirect, or No Relationship) for improved traceability.
- Expanded vulnerability visibility on the SBOM page to include results from all supported security scanners.
- Resolved an issue where the known vulnerabilities filter on the SBOM page was not applying correctly.
- Fixed a mismatch between the SBOM counts displayed on the Overview and SBOM detail pages.
- Updated the SBOM Score API to accurately process repository names that include web prefixes.
- Improved Java support for SBOM generation to ensure more reliable build processes.
Traceability & Visibility
- Ensured complete artifact traceability by capturing missing deployment events in the Chain of Custody.
- Standardized artifact naming conventions across all security steps for better consistency.
- Improved the responsiveness of the search bar and the visibility of image layer filters.
Infrastructure & Stability
- Enhanced compatibility with Docker-in-Docker environments to ensure stable plugin performance.
- Updated plugin configurations to ensure better stability across different container engine versions.
AI for Cost & Optimization
Cloud Cost Management
View full release notes →Security & Infrastructure
- Improved security for EC2 metadata access through full compatibility with the latest AWS Instance Metadata Service requirements.
- Hardened all container images using advanced security scanning and optimization to reduce potential attack surfaces.
- Enabled in-place pod resizing to adjust CPU and memory resources without requiring restarts, minimizing workload disruption.
Visibility & Reporting
- Enhanced chart readability by automatically aggregating data into monthly or yearly views for long-term time ranges.
- Improved AutoStopping logs with new pagination, 30-day retention, and customizable timezone settings for exports.
- Optimized dashboard widgets to automatically hide anomaly legends when corresponding cost data is not selected.
- Fixed a data issue to ensure creation timestamps are accurately recorded for all generated recommendations.
User Experience Improvements
- Resolved an issue where renaming folders or perspectives would cause rule configurations to reset to their original state.
- Added a manual refresh button to the Cluster Orchestrator to provide real-time updates for nodes, workloads, and logs.