Self-Managed Enterprise Edition release notes
These release notes describe recent changes to Harness Self-Managed Enterprise Edition, NextGen.
If you are currently on version 0.12.0, you must follow the applicable upgrade process below to upgrade your version to the latest stable release, 0.12.1.
If you are currently on version 0.13.0, 0.13.1, 0.13.2, or 0.13.3, you must follow the applicable upgrade process below to upgrade your version to the latest stable release, 0.13.4.
You can perform your normal upgrade process if you are currently on a version earlier than 0.12.0. Harness recommends that you upgrade to 0.13.4.
Upgrade using Helm
If you use helm
to upgrade Harness Self-Managed Enterprise Edition, follow the upgrade process below.
- Set
global.database.minio.mergeLogs
totrue
in your override file. - Perform your Harness upgrade.
All other customers
If you don't use Helm to upgrade Harness Self-Managed Enterprise Edition, follow the upgrade process below.
-
Exec into your MinIO pod.
-
Copy the files from
/bitnami/minio/data
to/data/backup directory
. -
Perform your Harness upgrade.
-
Exec into your MinIO pod after the upgrade has successfully completed.
-
Run the following command and copy the
MINIO_ROOT_PASSWORD
.env | grep MINIO_ROOT_PASSWORD
-
Run the following commands.
bin/mc alias set minio http://minio:9000
# Access Key: admin
# Secret Key: <PASTE_THE_PASSWORD_COPIED_IN_STEP_5>bin/mc cp --recursive /data/backup/logs minio/logs
- Security advisories: Harness publishes security advisories for every release. Go to the Harness Trust Center to request access to the security advisories.
- More release notes: Go to Harness Release Notes to explore all Harness release notes, including module, delegate, FirstGen Self-Managed Enterprise Edition, and FirstGen release notes.
March 6, 2024, version 0.14.3
This release includes the following Harness module and component versions.
Name | Version |
---|---|
Helm Chart | 0.14.3 |
Air Gap Bundle | 0.14.3 |
NG Manager | 1.24.7 |
CI Manager | 1.12.5 |
Pipeline Service | 1.61.5 |
Platform Service | 1.12.0 |
Access Control Service | 1.33.1 |
Delegate | 24.02.82203 |
Change Data Capture | 1.5.3 |
Test Intelligence Service | 1.8.1 |
NG UI | 1.7.4 |
LE NG | 1.1.0 |
Alternative air gap bundle download method
Some admins might not have Google account access to download air gap bundles. As an alternative, you can use gsutil
. For gsutil
installation instructions, go to Install gsutil in the Google Cloud documentation.
gsutil -m cp \
"gs://smp-airgap-bundles/harness-0.14.3/ccm_images.tgz" \
"gs://smp-airgap-bundles/harness-0.14.3/cdng_images.tgz" \
"gs://smp-airgap-bundles/harness-0.14.3/ce_images.tgz" \
"gs://smp-airgap-bundles/harness-0.14.3/cet_images.tgz" \
"gs://smp-airgap-bundles/harness-0.14.3/ci_images.tgz" \
"gs://smp-airgap-bundles/harness-0.14.3/ff_images.tgz" \
"gs://smp-airgap-bundles/harness-0.14.3/platform_images.tgz" \
"gs://smp-airgap-bundles/harness-0.14.3/sto_images.tgz" \
.
New features and enhancements
Continuous Delivery
-
You can now see AccountID in Switch Account screen (CDS-88728)
Enhanced the Switch Account experience to show more data i.e
AccountId
. -
Support to fetch primary manifest identifier when there's one helm manifest (CDS-88469)
The expression
<+manifestConfig.primaryManifestId>
was used to resolve for the case of multiple helm charts configured in service. The similar expression can be used to leverage single helm chart configured in service to use helm expression. See our docs for more info. -
Grouping and Collapsible are now supported for Overrides (CDS-82376)
Overrides in configurations are now grouped and collapsible, making them easier to search through.
-
Stage Selection component is moved to Pipeline Input tab from Configuration Tab (CDS-72890)
When setting up Triggers, you'll find the Stage Selection in the Pipeline Input tab for a smoother configuration experience.
-
Option to select secrets in script output variables has been removed. (CDS-86690)
Script output variables for the 'secrets' type no longer require explicit selection; instead, fixed variables need to be input to designate them as secret values for subsequent steps/stages.
Continuous Integration
- The codebase expressions
<+codebase.sourceBranch>
and<+codebase.targetBranch>
are now alwaysnull
for branch and tag builds. These expressions are primarily for differentiating the target and source branches for PR builds. For branch and tag builds, use<+codebase.branch>
and<+codebase.tag>
. (CI-10743, ZD-55284)
Harness Platform
-
You can now toggle between the legacy UI navigation and the new navigation by enabling the feature flag
CDS_NAV_PREFS
for your account. (PL-43772) -
Configure an absolute session timeout for your account (PL-43587)
A new Absolute Session Timeout (in minutes) setting is available on the Authentication page. When the Absolute Session Timeout (in minutes) is set, users will be logged out of their account after the configured timeout, regardless of any activity.
The default absolute session timeout is 0, which means that it is not set. You can set this to a maximum of 4320 minutes (3 days). The field automatically converts the minutes you enter to higher units of time, and displays the result under the field. For example, if you enter 1440, the UI shows 1 day below the field.
noteWhen both the session inactivity timeout and the absolute session timeout are set, the condition that is met first will be honored.
-
Removed the unused
org.redisson:redisson
library dependency from the delegate. (PL-42485, ZD-53588, ZD-53760) -
Deletion of SCIM-managed user groups was not allowed. (PL-39439, ZD-53340)
You can now delete SCIM-managed user groups via the delete API for user groups.
infoHarness does not currently support the ability to delete SCIM-managed user groups in the UI.
-
Account level Absolute Session Timeout support has been added. User will be logged out after absolute session expiry reaches irrespective of any activity. Default value for Absolute Session Timeout is 0, which means it is unset. For more information refer documentation (PL-43630)
-
You can now customize Audit View permissions within a role. By default, Audit View permission is enabled for managed roles such as Account Viewer, Account Admin, Org Viewer, and Org Admin. (PL-42139)
To disable Audit View for specific users, administrators can now:
- Create a role with Audit View permission disabled while enabling all other view permissions.
- Update the role binding for the "All Organisation Users" or "All Account Users" user group to this new role, effectively denying Audit View Permission for all users in the group.
- To grant Audit View access to specific users, assign the default "Organization Viewer" or "Account Viewer" role, as applicable, to the individual user or user group.
This enhancement provides greater flexibility and control over user permissions, streamlining the management of audit view access within the system.
Fixed issues
Continuous Delivery
-
UI displays an error for deployments that are awaiting manual approval. (CDS-88625, ZD-56498, ZD-56500)
The issue is fixed now to handle null check for approval message.
-
Unauthorized errors while using GCP and a GCP access token in between steady state checks, intermittently (CDS-88446, ZD-56104)
It occurred when the access token expiration overlapped with steady state check (watch) API calls. The issue is fixed now.
-
Even though only delegates can perform 10 connection tests in parallel, the UI did not restrict further attempts and threw an error at a later stage.(CDS-88377, ZD-56296)
The issue is fixed now by adding restriction on UI to match backend limitation for the Delegate.
-
Making edits to more than one variable simultaneously only applied the changes to the last variable in the list. (CDS-88198, ZD-56156)
The issue is fixed now.
-
Trigger with empty pipelineIdentifier is being saved in DB (CDS-88191)
The issue is fixed now by adding a validation, ensuring that the pipeline identifier cannot be empty in the trigger YAML during trigger creation or updates.
-
Unable to select a new pipeline or template version. (CDS-87809, ZD-55910)
The issue is fixed now.
-
Branch selector dropdown not populating in Harness code repo: issue arises when entity is absent, resulting in 'no entity found' page. (CDS-87788)
The issue is fixed now.
-
During K8s Async Steps, an 'Invalid task type' exception was thrown when the task parameter was not provided, resulting in a test failure. (CDS-87708)
The issue is fixed now.
-
Hyperlinks in the Harness approval message are not clickable. (CDS-87675, ZD-55826)
The issue is fixed by adding logic to render clickable links within the text. If any URLs or hyperlinks are present in the approval message they are converted to clickable links.
-
Github release trigger were not working as expected because UI didn't show the Conditions (CDS-87647, ZD-55832)
The issue is fixed now.
-
Http step with MTLS not working due to exception caused during delegate capability check for the step (CDS-87547, ZD-55531)
The issue is fixed now.
-
Unable to use '#' and '&' in branch names. (CDS-87468, ZD-55625)
The issue is fixed now.
-
There were issues while pulling tags of images in Github Container Registry when they have
/
inside the artifact name. (CDS-87457)The issue is fixed now by replacing
/
in the package name to%2F
. Without this change, the REST API was failing to list the tags. -
Pipeline was failing with delegate error to fetch JSON format. (CDS-87440, ZD-55387)
The JSON format was fetched using curl in the delegate but the same was not working in the UI.
The issue is fixed now.
-
Harness bidirectional sync webhook feature not working. (CDS-85694, ZD-54338)
These events are unrelated to bidirectional GitExperience processing and will now be disregarded instead of being flagged as failures.
-
Plugin steps weren't following delegate selectors, leading to intermittent pipeline failures.(CDS-85489)
The issue is fixed now.
-
WimRM connector was changed to SSH connector when the template was added to the pipeline. (CDS-85388)
The issue is fixed now.
-
Template inputs were not showing up in Pipeline editor. (CDS-84490)
It was due to an intermittent issue, this has been resolved now.
-
Users having viewer permissions were able to edit the pipeline.(CDS-85221)
The issue is fixed now.
-
FF validation used to work for name and ID fields but not any other field. (CDS-87581)
The issue is fixed, FF validation will work when importing resources from Git.
-
When only one manifest is created in OCT Helm, runtime inputs were not being displayed. (CDS-87941)
The issue is fixed by updating the condition in code to select default behavior if only 1 manifest is available.
-
In the process of creating an input set or overlay input set from YAML view, the isHarnessCodeRepo query parameter was not being sent.(CDS-87956)
The issue is fixed.Whenever an input set or overlay input set is saved from YAML view, the provider value is sent to the handleSubmit function, which takes care of sending the query parameter to create APIs.
-
In OCI Helm Connector with ECR type, during the new inline creation of a new connector, it opened the 'http' connector step.(CDS-88350)
The issue is fixed now and it correctly opens the appropriate
AWS Connector
. -
Pipeline template using a stage template was not honoring
gitBranch
field for service selection. (CDS-88378)The issue is fixed now.
-
The ExecutionList page overflowed the page when not needed. (CDS-88388)
The issue is fixed now.
-
Icon for trigger was missing in new nav. (CDS-88529)
This issue occurred due to browser rendering, and a similar issue was discussed and addressed as part of CDS-88645.
-
When attempting to save Stage Templates of Azure Webapp Deployment Type, the screen repeatedly asked to save. (CDS-88930)
The issue is fixed now.
-
Pipeline invocation failed when searching for the YAML in the wrong branch. (CDS-91080)
The issue is fixed now.
Continuous Integration
-
Added a missing field validation for Repository Name when using Harness Code Repository as the pipeline's default codebase. (CI-11042)
-
PR status updates now send correctly when using a GitHub App in a GitHub connector with a secret (instead of plain text) for the Application ID. (CI-11025, ZD-56177)
-
Added indexing to handle a
IncorrectResultSizeDataAccessException
error that rarely occurred in builds with matrix looping strategies if some non-unique values were assigned. (CI-10884, ZD-55815) -
Fixed a
NullPointerException
error that occurred if you provided noargs
when configuring Test Intelligence for Ruby. (CI-10847, ZD-55658) -
Fixed an issue where pod creation failed in Kubernetes cluster build infrastructures if the pod volume mount key exceeded 63 characters. This change requires Harness Delegate version 24.01.82108 or later. For information about features that require a specific delegate version, go to the Delegate release notes. (CI-10789, ZD-55265)
-
Corrected the capitalization of
GitHub
in the GitHub Action plugin step in the step library. (CI-7325)
Harness Platform
-
Fixed a license validation issue that caused ng-manager errors. (PL-46455)
-
Tooltips in the left navigation were incorrectly displayed behind the stage execution details panel. Now, tooltips are visible on the Execution page. (PL-43993)
-
K8S_WATCH
perpetual tasks remainedTASK_ASSIGNED
despite being assigned to non-existent delegates. (PL-43973)This issue was fixed by implementing a CronJob to reset perpetual tasks associated with invalid delegates, ensuring proper handling of Kubernetes events.
This item is available with Harness Platform version 1.22.3 and does not require a new delegate version. For information about Harness Delegate features that require a specific delegate version, go to the Delegate release notes.
-
Fixed the ACL list roles API to correctly display
HarnessManaged
,CreatedAt
, andLastModifiedAt
date fields, ensuring accurate role management data in responses. (PL-43952) -
Multi-select dropdowns would reset to the top after each selection. This issue is fixed for all multi-select dropdowns unless explicitly specified by the user. (PL-43925)
-
When editing user group data, member data was not added as expected. Now, the user group data related to the user group members is not lost when the user group is updated. (PL-43855, ZD-55944)
-
Running
terraform apply
for an existing SSO-linked user group resulted in an empty user list. (PL-43763, ZD-55505)This issue has been resolved. Now, when the user group payload is SSO-linked, the existing users are maintained as is, and the users list in the payload is ignored.
- In cases where the existing user group is SSO-linked and needs to be overridden and delinked in the update payload, the existing users will be replaced with the users list provided in the payload.
-
Fixed an issue where searching for user groups containing special characters resulted in a 500 error due to invalid regex patterns in the search term. Now, the
usergroup
list API validates regex patterns and provides a clear error message for invalid search terms. (PL-43761) -
The Azure endpoints were not being set based on the Azure environment selected. This led to Azure connectors working correctly only for Azure public cloud and not for other variants of Azure cloud (like Azure Gov, Azure China, and so on). Now, the correct Azure resource manager endpoint will be chosen based on the environment selected in the connector. (PL-43333, ZD-54717)
-
Intermittent errors occurred when pulling secrets from a Custom Secret Manager. (PL-43193, ZD-54236, ZD-54555, ZD-55919)
This issue has been resolved by adding a timeout (in seconds) to fetch secrets from a custom provider in the Custom Secret Manager settings. The process interrupts and fails when it takes longer than the configured timeout to fetch the secret. The default value is 20 seconds.
This item requires Harness Delegate version 24.01.82108. For information about features that require a specific delegate version, go to the Delegate release notes.
-
The
platform-service
was not publishing the response count metric. (PL-43123)This has been resolved, and the
platform-service
will now consistently publish the response count metrics.
February 13, 2024, patch version 0.13.4
This release includes the following Harness module and component versions.
Name | Version |
---|---|
Helm Chart | 0.13.4 |
Air Gap Bundle | 0.13.4 |
NG Manager | 1.19.12 |
CI Manager | 1.6.11 |
Pipeline Service | 1.56.7 |
Platform Service | 1.8.2 |
Access Control Service | 1.29.2 |
Delegate | 24.01.82004 |
Change Data Capture | 1.1.2 |
Test Intelligence Service | release-223 |
NG UI | 0.372.18 |
LE NG | 67903 |
Alternative air gap bundle download method
Some admins might not have Google account access to download air gap bundles. As an alternative, you can use gsutil
. For gsutil
installation instructions, go to Install gsutil in the Google Cloud documentation.
gsutil -m cp \
"gs://smp-airgap-bundles/harness-0.13.4/ccm_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.4/cdng_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.4/ce_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.4/cet_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.4/ci_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.4/ff_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.4/platform_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.4/sto_images.tgz" \
.
Fixed issues
- Fixed a license validation issue that caused ng-manager errors. (PL-46455)
February 8, 2024, patch version 0.13.3
This release includes the following Harness module and component versions.
Name | Version |
---|---|
Helm Chart | 0.13.3 |
Air Gap Bundle | 0.13.3 |
NG Manager | 1.19.11 |
CI Manager | 1.6.11 |
Pipeline Service | 1.56.7 |
Platform Service | 1.8.2 |
Access Control Service | 1.29.2 |
Delegate | 24.01.82004 |
Change Data Capture | 1.1.2 |
Test Intelligence Service | release-223 |
NG UI | 0.372.18 |
LE NG | 67903 |
Alternative air gap bundle download method
Some admins might not have Google account access to download air gap bundles. As an alternative, you can use gsutil
. For gsutil
installation instructions, go to Install gsutil in the Google Cloud documentation.
gsutil -m cp \
"gs://smp-airgap-bundles/harness-0.13.3/ccm_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.3/cdng_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.3/ce_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.3/cet_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.3/ci_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.3/ff_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.3/platform_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.3/sto_images.tgz" \
.
Fixed issues
- Fixed UI logging issues for release versions 0.12.0, 0.13.0, 0.13.1, and 0.13.2. (PL-46771, ZD-57141)
February 8, 2024, patch version 0.12.1
This release includes the following Harness module and component versions.
Name | Version |
---|---|
Helm Chart | 0.12.1 |
Air Gap Bundle | 0.12.1 |
NG Manager | 81720 |
CI Manager | 6904 |
Pipeline Service | 1.51.3 |
Platform Service | 1.4.4 |
Access Control Service | 1.25.3 |
Delegate | 23.12.81604 |
Change Data Capture | 81510 |
Test Intelligence Service | release-223 |
NG UI | 0.372.15 |
LE NG | 68402 |
Alternative air gap bundle download method
Some admins might not have Google account access to download air gap bundles. As an alternative, you can use gsutil
. For gsutil
installation instructions, go to Install gsutil in the Google Cloud documentation.
gsutil -m cp \
"gs://smp-airgap-bundles/harness-0.12.1/ccm_images.tgz" \
"gs://smp-airgap-bundles/harness-0.12.1/cdng_images.tgz" \
"gs://smp-airgap-bundles/harness-0.12.1/ce_images.tgz" \
"gs://smp-airgap-bundles/harness-0.12.1/cet_images.tgz" \
"gs://smp-airgap-bundles/harness-0.12.1/ci_images.tgz" \
"gs://smp-airgap-bundles/harness-0.12.1/ff_images.tgz" \
"gs://smp-airgap-bundles/harness-0.12.1/platform_images.tgz" \
"gs://smp-airgap-bundles/harness-0.12.1/sto_images.tgz" \
.
Fixed issues
- Fixed UI logging issues for release version 0.12.0. (PL-46771, ZD-57141)
February 2, 2024, patch version 0.13.2
This release includes the following Harness module and component versions.
Name | Version |
---|---|
Helm Chart | 0.13.2 |
Air Gap Bundle | 0.13.2 |
NG Manager | 1.19.11 |
CI Manager | 1.6.11 |
Pipeline Service | 1.56.7 |
Platform Service | 1.8.2 |
Access Control Service | 1.29.2 |
Delegate | 24.01.82004 |
Change Data Capture | 1.1.2 |
Test Intelligence Service | release-223 |
NG UI | 0.372.18 |
LE NG | 67903 |
Alternative air gap bundle download method
Some admins might not have Google account access to download air gap bundles. As an alternative, you can use gsutil
. For gsutil
installation instructions, go to Install gsutil in the Google Cloud documentation.
gsutil -m cp \
"gs://smp-airgap-bundles/harness-0.13.2/ccm_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.2/cdng_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.2/ce_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.2/cet_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.2/ci_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.2/ff_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.2/platform_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.2/sto_images.tgz" \
.
Fixed issues
-
The
/ccm/bi-dashboards
API didn't return dashboards. (CCM-15995)This issue was resolved by redirecting the Dashboards module to view BI Dashboards. The BI Dashboards are a subset of all module dashboards available under Custom Dashboards, providing a shortcut to access them.
February 2, 2024, patch version 0.13.1
This release includes the following Harness module and component versions.
Name | Version |
---|---|
Helm Chart | 0.13.1 |
Air Gap Bundle | 0.13.1 |
NG Manager | 1.19.11 |
CI Manager | 1.6.11 |
Pipeline Service | 1.56.7 |
Platform Service | 1.8.2 |
Access Control Service | 1.29.2 |
Delegate | 24.01.82004 |
Change Data Capture | 1.1.2 |
Test Intelligence Service | release-223 |
NG UI | 0.372.18 |
LE NG | 67903 |
Alternative air gap bundle download method
Some admins might not have Google account access to download air gap bundles. As an alternative, you can use gsutil
. For gsutil
installation instructions, go to Install gsutil in the Google Cloud documentation.
gsutil -m cp \
"gs://smp-airgap-bundles/harness-0.13.1/ccm_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.1/cdng_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.1/ce_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.1/cet_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.1/ci_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.1/ff_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.1/platform_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.1/sto_images.tgz" \
.
Fixed issues
-
If you encounter a
Project with orgIdentifier and identifier not found
after an upgrade, Harness recommends waiting for at least 2 minutes before taking any action. A background migration job will trigger 1 minute after the upgrade to populate the correct links. (PL-46725)Previously, the job was triggered after 30 minutes, which caused issues. However, this has now been resolved by reducing the time to 1 minute.
January 29, 2024, version 0.13.0
New features and enhancements
This release includes the following Harness module and component versions.
Name | Version |
---|---|
Helm Chart | 0.13.0 |
Air Gap Bundle | 0.13.0 |
NG Manager | 1.19.10 |
CI Manager | 1.6.11 |
Pipeline Service | 1.56.7 |
Platform Service | 1.8.2 |
Access Control Service | 1.29.2 |
Delegate | 24.01.82004 |
Change Data Capture | 81905 |
Test Intelligence Service | release-223 |
NG UI | 0.372.18 |
LE NG | 67903 |
Alternative air gap bundle download method
Some admins might not have Google account access to download air gap bundles. As an alternative, you can use gsutil
. For gsutil
installation instructions, go to Install gsutil in the Google Cloud documentation.
gsutil -m cp \
"gs://smp-airgap-bundles/harness-0.13.0/ccm_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.0/cdng_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.0/ce_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.0/cet_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.0/ci_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.0/ff_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.0/platform_images.tgz" \
"gs://smp-airgap-bundles/harness-0.13.0/sto_images.tgz" \
.
Self-Managed Enterprise Edition
- You can now enable TLS for MongoDB, MinIO, and TimescaleDB cloud-based external databases. For configuration details, go to Configure external databases. (PL-46234)
Continuous Delivery & GitOps
-
Triggers now map payload attributes with pipeline inputs. (CDS-87039)
-
There are cases where you want to use input sets in a trigger, but provide a different value for the input set (override the default).
-
When a trigger is configured to use input sets, you can now pass input value overrides in the trigger's
inputYaml
field. -
The values provided in the trigger's
inputYaml
field take precedence over any values provided by the input sets. This lets you override the input set values and use, for example, trigger payloads for specific inputs to the pipeline.
-
-
AIDA™️ replaces Coveo for support case deflection (CDS-85267)
AIDA replaces Coveo in proactively assisting you with content recommendations when you are entering a subject for your ticket in the Submit a ticket form.
This feature is behind the feature flag
CDS_AIDA_SUPPORT_DEFLECTION
. To enable the feature, contact Harness Support. -
The Go template binary has been upgraded from version 0.4.4, which used Go version 1.20, to version 0.4.5, which uses Go version 1.21.4. (CDS-83173, ZD-50403)
-
Filter support for Overrides v2(CDS-81535)
- Users will be able to filter overrides on the basis of Environments, services & Infrastructures.
-
Allow to delete service from actual service window(CDS-78792)
- Service delete option is now available on the Service details page. Previously, Users could only delete service from Service List Page.
Continuous Integration
-
The Get Started workflow can now auto-generate starter pipelines from Harness Code repositories. (CI-10780)
-
Enhanced log retention for custom approval steps. (CI-10273, ZD-53345, ZD-53410)
Harness Platform
-
Upgraded Janino to version 3.1.11. (PL-43320, ZD-54505)
-
Upgraded
ch.qos.logback
from version 1.2.11 to 1.2.13. (PL-43260) -
Upgraded YamlBeans to version 1.17. (PL-42905, ZD-51149, ZD-53760, ZD-53919)
-
Upgraded MinIO to
bitnami/minio:2023.10.7-debian-11-r2
. (PL-42019) -
The LDAP configuration wizard now includes a Delegates Setup step, allowing you to select delegates and ensuring that all LDAP delegate tasks go to a particular delegate. (PL-28202)
-
Upgraded the
yq
library from version 4.35.2 to 4.40.5. (PL-42548)
Early access features
Harness Platform
-
Allowlist verification for delegate registration (PL-42471)
noteCurrently, allowlist verification for delegate registration is behind the feature flag
PL_ENFORCE_DELEGATE_REGISTRATION_ALLOWLIST
. Contact Harness Support to enable the feature.Without this feature flag enabled, delegates with an immutable image type can register without allowlist verification. With this feature flag enabled, delegates with an immutable image type can register if their IP/CIDR address is included in the allowed list received by Harness Manager. The IP address/CIDR should be that of the delegate or the last proxy between the delegate and Harness Manager in the case of a proxy.
Harness Manager verifies registration requests by matching the IP address against an approved list and allows or denies registration accordingly. For more information, go to Add and manage IP allowlists.
This item requires Harness Delegate version 24.01.82108. For information about features that require a specific delegate version, go to the Delegate release notes.
Fixed issues
Continuous Delivery & GitOps
-
The Shell Script step was terminating when running on VM via SSH. (CDS-87415, ZD-55629, ZD-55690)
- Fixed a Shell Script step issue with SSH where it was failing for newer delegate versions with the error:
Error while reading variables to process Script Output. Avoid exiting from script early: 2: No such file
. - Recent modification made directoryPath an optionally computed field which defaults to the user-provided working directory.
- To address this, the fix involves incorporating logic that ensures the presence of a backslash is in the directoryPath if it's absent.
- Fixed a Shell Script step issue with SSH where it was failing for newer delegate versions with the error:
-
Service phase fails to parse a variable value. (CDS-87290)
- There was an issue in the service phase of the stage execution where it fails to render a string variable, and throws the error
Invalid yaml: Malformed numeric value '00:00:00.100' at [Source: (StringReader); line: 36, column: 30]
. This was because variables with time format with milliseconds were being sent without quotes. - Now, string variables with values such as
00:00:00.100
(time in milliseconds) are supported in Service variables.
- There was an issue in the service phase of the stage execution where it fails to render a string variable, and throws the error
-
Kubernetes Apply step started failing after upgrading to the current Harness Delegate type (immutable). (CDS-87011)
- When using the
--dependency-update
flag with a Helm chart and Kubernetes Apply step, Harness didn't ignore the unrelated to Helm template output lines. - Harness was trying to interpret some of the Helm template output as a manifest. This resulted in a failure during the step.
- This issue has been resolved. Now Harness will ignore anything unrelated to the manifest output when using the Kubernetes Apply step with the
--dependency-update
flag.
- When using the
-
Container Step execution is failing with a delegate connectivity failure. (CDS-87005, ZD-54820)
- Pipelines run for extended periods of time (~20 hrs) resulted in the loss of connectivity to delegates.
- This issue has now been fixed. If the step's Timeout setting is not set, the default delegate task timeout will be 12 hours.
-
Deploy CDK Error. (CDS-86930, ZD-55227)
- This was caused by user error, but it describes an important configuration consideration. The user used a common image (
https://gallery.ecr.aws/amazonlinux/amazonlinux
) for the step that did not include the AWS CDK requirements. This resulted in a CDK error. - The image used in CDK steps should be created based on the Harness
aws-cdk-plugin
image available athttps://hub.docker.com/r/harness/aws-cdk-plugin
, documented here. The Harness image contains the Harness logic around the AWS CDK. You can a custom image built fromharness/aws-cdk-plugin:1.0.0
by adding support for different programming languages. See the tags athttps://hub.docker.com/r/harness/aws-cdk-plugin
tags.
- This was caused by user error, but it describes an important configuration consideration. The user used a common image (
-
Subsequent Google Cloud Function Gen 1 deployments not happening if the first deploy fails. (CDS-86746, ZD-55115)
- Function update was failing because the function state was not stable before deployment and Harness was waiting for it to a achieve stable state.
- Fixed the rollback logic for deployment of Google Cloud Function.
-
Null AWS ASG name in logs for blue green Traffic Shift step. (CDS-86744)
- Harness has fixed the logs for the ASG blue green Traffic Shift step. It no longer displays null ASG names.
-
A null pointer exception was thrown during ASG rolling deployment. (CDS-86426)
- An NPE was thrown when the ASG deployments was missing the launch template part of the base ASG (the ASG used as a template when creating new ASGs).
- Harness provides a better error message targeting the problem. The issue has been resolved.
-
Helm deployment fails to fetch the manifest when using native AWS connector for ECR. (CDS-86418, ZD-54707)
- The OCI Helm ECR store configuration feature did not work when IRSA and IAM were configured in the AWS connector. This resulted in null pointer exception, failing the deployment.
- The OCI Helm ECR store now supports IRSA and IAM configured in the AWS connector.
-
During pipeline execution, the console view wasn't showing steps inside of the step group. (CDS-86129, ZD-54757)
- Logs for steps which were inside a step group are now be visible in console view also.
-
Unclear error message coming from Azure during Helm deployment. (CDS-85972)
- A Helm deployment to AKS was failing with an Azure permission error.
- For AKS Kubernetes cluster RBAC permission issues, Harness will print out additional hints regarding the Harness connector in question.
-
Pipeline failure at service phase. (CDS-85942, ZD-54701)
- Harness has improved error handling when users are not passing the manifest Id in the service input. This is required when file and folder paths are used as a runtime input.
-
Harness service showing incorrect Helm chart version deployed in Harness UI. (CDS-85856, ZD-54508)
- The Harness service instance dashboard did not reflect the correct Helm chart version when instances were scaled up/down. The perpetual task did not not contain the updated Helm chart information which results in a mismatch of the Helm chart version value for the Kubernetes deployment.
- Fixed this issue by updating the
instanceSyncPerpetualTaskInfo
collection in Mongo every time the Helm chart information is updated.
-
Templates not deleted even after removing references. (CDS-85828, ZD-54300, ZD-54616)
- The error was related to the reference calculation during the movement of pipelines from inline to remote.
- This issue has been fixed now, and the template references are updated accurately.
-
Helm binary path is not added to system path by default on immutable delegate image. (CDS-85763)
- Harness has added Helm v3.12.0 into the
env
path for delegates. Customers will no longer need to use the full path to access this version it Shell Script steps.
- Harness has added Helm v3.12.0 into the
-
When you set Default Store Type For Entities- Pipelines/InputSets/Templates to Remote, the creation of environments and services failed. (CDS-85691, ZD-54497)
- This issue has been fixed.
-
A deployment was failing with Terraform errors. (CDS-85684)
- The Terraform tasks working directory was created based on account, org, project and provisioner identifier. This might cause issues if two steps with same account, org, project, and provisioner identifier are running simultaneously on the same delegate.
- Now, every Terraform step execution will run in a unique working directory.
-
Logs not present for the Copy command. (CDS-85662, ZD-54190)
- The call of
saveExecutionLog("Command finished with status " + response.getStatus(), response.getStatus());
on classScriptSshExecutor.java
made the log stream terminate. - Now we are closing the log stream consistently SSH executions.
- The call of
-
The header of the listing page for input sets displays a Git branch in the page header. Harness allowed you to change that branch, giving you the impression that, when you selected a branch, the list would refresh and show the input sets on the branch you selected. However, no matter which branch you selected, the list of input sets would not change. You also could not use any of the input sets after changing to a different branch. (CDS-85365, ZD-54302)
-
The reason for the input set list not changing is that the page header is designed to show the branch on which the pipeline is stored. The page lists all the input sets that have been configured regardless of the branch you select.
-
This issue has been fixed. Harness no longer allows you to change the branch displayed in the header.
-
-
The dates in the banner that announces the end-of-support and end-of-life dates for Harness FirstGen were incorrect. (CDS-85223)
This issue has been fixed. The banner now has the correct dates.
-
Console logs missing from CloudFormation steps. (CDS-84962, ZD-53810, ZD-53865) There was an issue where CloudFormation steps were not updating the console logs when there are multiple steps with a similar prefix. This issue is now fixed.
-
Harness did not support expressions to identify manifest Ids provided as runtime inputs. Consequently, you could not reference Helm chart metadata in your deployments. The issue occurred when you used multiple Helm chart manifests. (CDS-84663)
This issue has been fixed. You can now access Helm chart metadata before deployment by using the expression
<+manifests.MANIFEST_ID.helm.fieldName>
. In the expression, replaceMANIFEST_ID
andfieldName
with the appropriate values. If you use multiple Helm charts, the primary manifest is used as runtime input. -
If instance refresh during an ASG deployment took too much time and timed out, a rollback was triggered. If the instance refresh was still in progress when the rollback was triggered, the rollback failed. (CDS-83821)
This issue has been fixed.
This item requires Harness Delegate version 23.11.81803. For information about features that require a specific delegate version, go to the Delegate release notes.
-
Certain Docker registries fail authentication when using the
/v2
endpoint, which is used for health checks in Docker connectors. (CDS-82616, ZD-52513)This issue has been fixed. Harness now falls back to using the
/v2/
endpoint if the/v2
endpoint fails.This item requires Harness Delegate version 23.11.81601. For information about features that require a specific delegate version, go to the Delegate release notes.
-
Error connecting to Git Sync service. (CDS-81261, ZD-51238)
- The pipeline had 66 remote templates for which the template request made a single GRPC request. This delayed the response from the Git side and timed out the thread.
- Now Harness makes GRPC requests in batches of 20 to get remote templates
-
Creating the Terraform resource
harness_platform_file_store_file
without content crashes. (CDS-77833)- Now Harness provides an empty file when content is null.
Continuous Error Tracking
- When trying to navigate to agents/critical events/agent tokens settings in admin mode user would get 404, now they can navigate to the expected page. Also, incorrect icons were used for CET settings tiles, now each tile has correct icon. (CET-1882)
Continuous Integration
-
If you configured an optional step setting (such as Limit Memory, Limit CPU, or Timeout) to accept runtime input (
<+input>
), and then provided no value for that setting at runtime, the pipeline could fail due to invalidnull
input. This has been fixed, and the effected settings can how handle empty (null
) runtime input. (CI-10514, ZD-54217) -
Fixed an issue where builds failed in a Kubernetes cluster build infrastructure because certificates from the key chain weren't considered when fetching the entrypoint for the S3 Upload and Publish plugin. (CI-10258, ZD-53311)
-
Added a validation to check that codebase configuration details (connector, repo, and so on) are provided if at least one stage in pipeline has Clone Codebase enabled. (CI-10055)
-
Fixed a proxy issue related to downloading logs. (CI-9657, ZD-50664)
-
Improved error messaging related to addon disconnects. (CI-8877)
-
Fixed an issue with SCM service logging. (CI-8872)
Harness Platform
-
Perpetual tasks weren't assigned after a delegate restart. (PL-43646, ZD-55426, ZD-55572)
Fixed race condition where a perpetual task was assigned at the same time as the delegate abruptly shutting down due to a pod restart.
This item is available with Harness Platform version 1.19.x and does not require a new delegate version. For information about Harness Delegate features that require a specific delegate version, go to the Delegate release notes.
-
When Harness user groups were created during SCIM sync, dots were not converted to underscores in Harness for user group IDs. (PL-43576, ZD-55266)
This issue has been resolved. Now, SCIM group names that contain dots are converted to underscores in Harness for group identifiers. For example, a SCIM group named "abc.xyz" is created as follows:
UserGroupIdentifier: "abc_xyz"
UserGroupName: "abc.xyz"
-
In the Add new Encrypted Text dialog, the Regions list for Google Secrets Manager integration included unsupported values.(PL-43575, ZD-55268)
This issue has been resolved and the Regions list has been updated with the correct GCP regions.
-
The Access Management page didn't display all Users in the list. (PL-43038)
-
Execution links were not available in pipeline failure Slack notifications. (PL-42974, ZD-53195)
This issue has been resolved. Now, in Slack notifications, the "Node status" keyword, such as "failed," is a hyperlink that provides direct access to the associated node execution URL.
-
The delegate was rejecting tasks due to an issue where the CPU and memory calculation wasn't showing the latest usage value. This was caused by the dynamic request handling feature that rejects tasks if the CPU and memory usage exceeds a certain threshold. The pods weren't scaled by HPA because the CPU and memory usage within the pods was within the limit. (PL-42600, ZD-54025, ZD-54324)
-
For user groups provisioned from SCIM to Harness, for the corresponding user groups created in Harness, the user group
identifier
is derived from the display name of the user group in the SCIM provider. Harness replaces.
(dots) and-
(dashes) with an_
(underscore). All other special characters (#
,?
,%
, and so on) and spaces are removed. Leading digits0
through9
and$
are also removed. (PL-42535, ZD-53830, ZD-55294)All special characters except
.
,-
, and non-leading$
and digits0
through9
are removed.Example 1: For a user group in SCIM with the name
Harness.Group?Next#Gen-First
, the user group created in Harness will have theidentifier
:Harness_GroupNextGen_First
.Example 2: For a user group in SCIM with the name
123#One.$Two.$Three.123
, the user group created in Harness will have theidentifier
:One_$Two_$Three_123
.The existing behavior of
.
and-
changed to_
has been retained.The name of the corresponding user group created in Harness will retain the special symbols as present in the user group of the SCIM provider. Example: For a user group in SCIM with the name
Harness.Group?Next#Gen-First
, the user group created in Harness will have the samename
:Harness.Group?Next#Gen-First
.This item requires Harness Delegate version 23.12.82000. For information about features that require a specific delegate version, go to the Delegate release notes.
-
Added RBAC checks to the delegate list API. Now, only delegates for which users have permission are shown in the list on the Delegates page. (PL-42268, ZD-52174)
This item is available with Harness Platform version 1.16.6 and does not require a new delegate version. For information about Harness Delegate features that require a specific delegate version, go to the Delegate release notes.
-
The role assignment list API was returning incorrect role assignments. This problem occurred because of the use of a regex query to match the scope for role assignments. The issue specifically affected projects or organizations under the same account that had overlapping project or organization identifiers, particularly when the filter INCLUDED_CHILD_SCOPES was used. This issue has been addressed and corrected. (PL-39051)
January 8, 2024, version 0.12.0
New features and enhancements
This release includes the following Harness module and component versions.
Name | Version |
---|---|
Helm Chart | 0.12.0 |
Air Gap Bundle | 0.12.0 |
NG Manager | 81720 |
CI Manager | 6904 |
Pipeline Service | 1.51.3 |
Platform Service | 1.4.4 |
Access Control Service | 1.25.3 |
Delegate | 23.12.81604 |
Change Data Capture | 81510 |
Test Intelligence Service | release-223 |
NG UI | 0.372.15 |
LE NG | 68402 |
Alternative air gap bundle download method
Some admins might not have Google account access to download air gap bundles. As an alternative, you can use gsutil
. For gsutil
installation instructions, go to Install gsutil in the Google Cloud documentation.
gsutil -m cp \
"gs://smp-airgap-bundles/harness-0.12.0/ccm_images.tgz" \
"gs://smp-airgap-bundles/harness-0.12.0/cdng_images.tgz" \
"gs://smp-airgap-bundles/harness-0.12.0/ce_images.tgz" \
"gs://smp-airgap-bundles/harness-0.12.0/cet_images.tgz" \
"gs://smp-airgap-bundles/harness-0.12.0/ci_images.tgz" \
"gs://smp-airgap-bundles/harness-0.12.0/ff_images.tgz" \
"gs://smp-airgap-bundles/harness-0.12.0/platform_images.tgz" \
"gs://smp-airgap-bundles/harness-0.12.0/sto_images.tgz" \
.
Self-Managed Enterprise Edition
-
You can now use an Amazon ElastiCache Redis database with your installation. (SMP-2165, ZD-52249)
-
You can now use Kubernetes-based external secrets for Harness license values in Helm charts. (SMP-1839, ZD-49341, ZD-52283)
Harness has added the following values to
global.license.secrets.kubernetesSecrets
.-
secretName
: Name of the Kubernetes secrets containing Harness license keys -
keys.CG_LICENSE
: Name of the secret key containing a FirstGen License -
keys.NG_LICENSE
: Name of the secret key containing a NextGen Licenseglobal:
license:
cg: ''
ng: ''
secrets:
kubernetesSecrets:
- secretName: ""
keys:
CG_LICENSE: ""
NG_LICENSE: ""
-
Continuous Delivery & GitOps
-
If you use Kubernetes version 1.16 or later, you can enable the steady state check for Native Helm jobs from Default Settings at any organizational scope (account, organization, or project) in Harness. (CDS-81574)
To enable the setting, at the desired scope, go to Default Settings > Continuous Delivery, and then turn on the Enable Native Helm steady state for jobs toggle.
This enhancement eliminates the need for you to contact Harness Support to enable the feature flag
CDS_HELM_STEADY_STATE_CHECK_1_16
and gives you direct control of the setting.Accounts for which Harness had enabled this feature flag will have this setting turned on by default.
This item requires Harness Delegate version 23.11.81601. For information about features that require a specific delegate version, go to the Delegate release notes.
-
Send freeze window notifications when a freeze window is enabled (CDS-82272, ZD-52835)
You can now use the Freeze window is enabled setting (
OnEnableFreezeWindow
in YAML) to send notifications when a freeze window is enabled. This setting is in contrast to the existing Freeze window is enabled and active setting (FreezeWindowEnabled
in YAML), which sends notifications at the start time of a freeze window that is enabled.For information about how to send freeze window notifications when a freeze window is enabled, go to Freeze deployments.
-
Configure bidirectional sync for Git Experience at all scopes (CDS-83878)
Earlier, you could configure bidirectional sync for Harness Git Experience by configuring webhooks only at the account scope. Now, you can also configure such webhooks at the organization and project scopes.
-
Elimination of an unnecessary prompt when another user updates a pipeline (CDS-83893)
With this release, if another user updates a pipeline and you do not have unsaved changes for that pipeline, Harness applies that user's changes and updates your view of the pipeline without showing you a prompt.
Cloud Cost Management
- Pagination for perspectives has been added for faster loading time. By default, only the first 20 perspectives are displayed, ordered by the most recent. (CCM-15124)
Harness Platform
-
Added a Purge Secrets option to the Azure Key Vault Details dialog. This option is selected by default and purges deleted secrets instead of soft deleting them. (PL-41738)
-
Upgraded
io.netty:netty*
to version 4.1.100.final to address vulnerabilities. (PL-41905, ZD-50403, ZD-52222, ZD-53107) -
Upgraded Redis to 6.2.14-alpine to address potential vulnerabilities. (PL-42228)
-
Upgraded the
org.eclipse.jetty_jetty-http
,jetty-io
,jetty-util
, andjetty-continuation
libraries to 9.4.53.v20231009 to resolve CVE CVE-2023-36478. (PL-42288, PL-42560)
Early access features
Continuous Delivery & GitOps
-
Update the green services in an ECS Blue Green deployment (CDS-82763)
If green services exist in your Blue Green deployment, you can configure Harness to update those services instead of deleting them and then re-creating them with a new manifest and artifact. Updating existing green services is beneficial because new containers come up before old ones go down. For more information, go to Update green services.
Additionally, before beginning the deployment, Harness validates the blue and green services based on the target group and tags them appropriately. If the validation fails, Harness aborts the deployment. For more information, go to ECS blue/green service validations.
This feature is behind the feature flag
CDS_ECS_BG_VALIDATION
. To enable the feature, contact Harness Support.This item requires Harness Delegate version 23.11.81803. For information about features that require a specific delegate version, go to the Delegate release notes.
Continuous Integration
Delegate selectors for codebase tasks (CI-9980)
Currently, delegate selectors for CI codebase tasks is behind the feature flag CI_CODEBASE_SELECTOR
. Contact Harness Support to enable the feature.
Without this feature flag enabled, delegate selectors aren't applied to delegate-related CI codebase tasks.
With this feature flag enabled, Harness uses your delegate selectors for delegate-related codebase tasks. Delegate selection for these tasks takes precedence in order of pipeline selectors over connector selectors.
Fixed issues
Continuous Delivery & GitOps
-
The Continuous Integration step library listed step categories in the following order: Security Tests, Artifacts, Builds, and Security. This order was inappropriate for CI stages and required you to scroll to find CI steps. (CDS-79655)
This issue has been fixed. The order of step categories is now Builds, Artifacts, Security, and then Security Tests.
-
When you delete the value of an input field in the service overrides section of a pipeline, the values in dependent fields are cleared, but the value you attempted to delete is not cleared. For example, if you attempt to clear the Artifact Directory field, the Artifact Path field is cleared, but the value in the Artifact Directory field is not cleared. The value gets cleared only on the second attempt. (CDS-80149)
This issue has been fixed.
-
Harness does not display large console logs correctly. The logs end abruptly. (CDS-80666, ZD-51442)
This issue has been fixed. You can now scroll through large logs and also use the Scroll to Bottom button.
-
Required filters were missing in Prometheus queries, causing the Verify step to fail. The queries now include the required filter validations. (CDS-80823)
-
Harness generated multiple requests for each remote child pipeline. (CDS-80831, ZD-51082, ZD-51764)
This issue has been fixed. Now, Harness generates only unique requests for child pipelines.
-
Updated the UI of environment variable fields in the Run step to allow configuring default, allowed values when they are set as runtime inputs. (CDS-80915)
-
When adding a Google Artifact Registry (GAR) in the Artifact Details dialog, you had to manually enter the Repository Name. Now, you can select the repository from a dropdown. (CDS-81187)
-
Custom health sources are not displayed for stages that deploy multiple services or multiple environments. (CDS-81214, ZD-51901)
This behavior is by design. To improve the user experience, for stages that deploy multiple services or multiple environments, a new message is displayed at the bottom of the verify step. The message describes why custom health sources are not shown.
-
Previously, the saved filters dropdown field was limited to displaying only the first 100 filters, which was also the maximum number of filters retrieved. (CDS-81492, ZD-52030)
This issue has been fixed. Harness has introduced infinite scrolling in the dropdown field, thereby allowing it to retrieve the entire list of available filters.
-
The services dashboard did not correctly show primary and canary instances in a Kubernetes deployment. (CDS-81869, ZD-52262, ZD-52930)
The issue occurred because Harness treated the canary instances and primary instances as one set of instances. Consequently, during the canary deployment, Harness also updated the primary instances with current deployment details. This was not correct because primary deployment hadn't begun yet. This issue affected post-production rollbacks.
This issue has been resolved. Now, Harness splits the canary instances and primary instances into two groups and updates each group with the deployment details that are relevant to them.
This item requires Harness Delegate version 23.11.81405. For information about features that require a specific delegate version, go to the Delegate release notes.
-
Email notifications from the Harness Approval step did not respect newline characters included in the approval message. (CDS-81957, ZD-50115)
This issue has been fixed. You can now enter multiline text in the approval message field. Harness renders newline characters appropriately.
-
Earlier, environment values were not picked up correctly from other stages. (CDS-81970, ZD-52311)
This issue has been fixed.
-
Harness did not honor the working directories specified in script units in the Command steps used in WinRM deployments. Instead, Harness used the default directory configured for the user profile on the target VM. (CDS-82105)
This issue has been fixed. Harness now uses the working directory that you specify in script units. However, the fix has been deployed behind the feature flag
CDS_PRESERVE_WINRM_WORKING_DIR_FOR_COMMAND_UNITS
. Contact Harness Support to enable the fix.This item requires Harness Delegate version 23.11.81405. For information about features that require a specific delegate version, go to the Delegate release notes.
-
Currently, the on-premises version of Atlassian BitBucket does not fire push event webhooks when you first push to a new branch. This is inconsistent with other Git providers and also causes Harness's BitBucket triggers for on-premises repositories to behave inconsistently. (CDS-82110, ZD-52270)
As a workaround for this inconsistency, Harness has made the trigger's workflow capture branch hook events for on-premises BitBucket and convert them, on a best-effort basis, to a push hook. This change has the effect of making Harness's triggers for on-premises BitBucket to fire on the first push to a new branch. This change is behind the feature flag
CDS_NG_CONVERT_BRANCH_TO_PUSH_WEBHOOK_BITBUCKET_ON_PREM
. To enable this change in behavior, contact Harness Support.This item requires Harness Delegate version 23.11.81601. For information about features that require a specific delegate version, go to the Delegate release notes.
-
Harness did not stop Terraform tasks after you canceled pipeline execution, even if you cancelled execution before the task started to run actual Terraform commands. (CDS-82222, ZD-52603)
This issue has been resolved.
This item requires Harness Delegate version 23.11.81601. For information about features that require a specific delegate version, go to the Delegate release notes.
-
When verifying the artifact in a service step, Harness considered only the delegate selectors specified in the connector of the artifact source. Harness ignored the precedence rules described in Delegate selector priority. (CDS-82232)
This issue has been fixed. Now, Harness gives priority to stage-level and pipeline-level delegate selectors as described in the documentation. This fix is behind the feature flag
CDS_SERVICE_AND_INFRA_STEP_DELEGATE_SELECTOR_PRECEDENCE
. Contact Harness Support to enable the fix. -
A stage fails to execute in the following scenario:
- You configure the stage to execute only if a JEXL condition provided at runtime evaluates to true.
- You create an input set that does not provide the stage with a JEXL condition for evaluation.
When stage execution fails, the following error is displayed:
Error evaluating expression [<+OnPipelineSuccess> && (<+input>)]: Expression evaluation failed
. (CDS-82350, ZD-52689)This issue has been fixed.
-
If you manually entered and saved multiple ASG load balancers in the YAML configuration of an existing ASG Blue Green Deploy step, the load balancer configuration worked as expected. However, the ASG load balancer configurations did not propagate to the user interface, which set up the ASG load balancer fields to expect runtime input.
This issue has been fixed. You can now configure multiple ASG load balancer for existing ASG Blue Green Deploy steps. (CDS-82364)
-
HorizontalPodAutoscaler (HPA) and PodDisruptionBudget (PDB) could not be used in Kubernetes deployments if they contained fields that are not supported by the Kubernetes schema. (CDS-82370)
This issue has been fixed by the addition of support for such fields.
This item requires Harness Delegate version 23.11.81405. For information about features that require a specific delegate version, go to the Delegate release notes.
-
When using the Generic repository format to fetch artifacts from Artifactory, if you used an artifact filter and a non-Regex value for the artifact path, an issue occurred. The issue caused the metadata URL in the service outcome to be incorrect; the URL did not include the repository name. (CDS-82579)
This issue is fixed.
-
Certain Docker registries fail authentication when using the
/v2
endpoint, which is used for health checks in Docker connectors. (CDS-82616, ZD-52513)This issue has been fixed. Harness now falls back to using the
/v2/
endpoint if the/v2
endpoint fails.This item requires Harness Delegate version 23.11.81601. For information about features that require a specific delegate version, go to the Delegate release notes.
-
Pipeline executions for WinRM deployments failed intermittently when the deployment was performed by Harness Delegate with version 23.11.81015. Certain processes managed by the Windows Remote Management service (namely,
winrshost.exe
with its child processconhost.exe
) were orphaned and continued to run on the target host. (CDS-82777, ZD-52759, ZD-53411, ZD-53460, ZD-53683)This issue has been fixed.
This item requires Harness Delegate version 23.11.81601. For information about features that require a specific delegate version, go to the Delegate release notes.
-
After fetching tags from Google Artifact Registry, Harness sorted them lexically and not on the timestamp. (CDS-82778)
This issue has been fixed. Harness now sorts the tags on the timestamp.
This item requires Harness Delegate version 23.11.81601. For information about features that require a specific delegate version, go to the Delegate release notes.
-
The Helm connector's test to check connectivity to an OCI Helm repository in AWS ECR failed with an "Invalid request: Invalid oci url..." error even though the URL to the repository conformed with the formats described in Connect to an Artifact repository. The delegate was configured to use a proxy server and the Anonymous authentication type. However, manually fetching Helm charts from the delegate were successful. (CDS-82779, ZD-52343)
This issue has now been resolved. The OCI Helm connector now works with the Anonymous authentication type when a proxy server is configured on the delegate.
-
Harness has released a new image,
harnessdev/serverless-package:3.30.1-1.1.0
, for the Serverless Package step. The package, available on Docker Hub, supports IRSA and assumes an IAM role for downloading artifacts from Amazon S3. (CDS-82788)The AWS connector specified in your artifact step for S3 or ECR requires certain information to be available in the newly released image. Harness adds the required information to the image by using the following environment variables:
PLUGIN_ARTIFACT_AWS_ACCESS_KEY
: AWS access key, if credentials are specified manually.PLUGIN_ARTIFACT_AWS_SECRET_KEY
: Secret key, if credentials are specified manually.PLUGIN_ARTIFACT_AWS_ROLE_ARN
: Cross-account role, if specified.PLUGIN_ARTIFACT_AWS_STS_EXTERNAL_ID
: STS external ID, if specified.PLUGIN_ARTIFACT_AWS_REGION
: AWS region of the artifact, if specified in the artifact.
You can override these environment variables in the serverless package.
By default, the image uses manually provided credentials, but it requires
PLUGIN_ARTIFACT_AWS_ACCESS_KEY
andPLUGIN_ARTIFACT_AWS_SECRET_KEY
to be present. If these environment variables are not present, Harness uses an IAM role associated with the service account in the step group configuration for the EKS cluster.The image uses
PLUGIN_ARTIFACT_AWS_ROLE_ARN
andPLUGIN_ARTIFACT_AWS_STS_EXTERNAL_ID
to assume the other role. The base role for assuming this role is determined based on whether the image uses manually provided credentials or an IAM role. -
The Artifact tag expression
<+artifact.tag>
wasn’t resolving for ASG deployments. Added support to fix this issue. (CDS-82824) -
For Rancher-based Kubernetes or Native Helm deployments and instance sync, Harness uses Rancher's
generateKubeconfig
API action. A new kubeconfig token is created on the Rancher cluster each time this API is hit. This led to an accumulation of kubeconfig tokens over time on the Rancher cluster. (CDS-83055, ZD-52924)This issue has been fixed. Harness now cleans up the kubeconfig token it creates during deployment or instance sync executions.
To receive this fix, upgrade your delegate to the latest delegate version.
This item requires Harness Delegate version 23.11.81803. For information about features that require a specific delegate version, go to the Delegate release notes.
-
The config file expressions
${configFile.getAsBase64("<filename>")}
and${configFile.getAsString("<filename>")}
are valid only in Harness FirstGen but were also being evaluated in Harness NextGen. When Harness NextGen evaluated these expressions, the messageCannot evaluate expression
and the expression it attempted to evaluate were displayed. (CDS-83157)This issue has been fixed. Those expressions are no longer evaluated in Harness NextGen.
-
When the width of the dialog in which you enter values for stage variables reduces (for example, when the console view is open), the names of the variables in the dialog get truncated. The issue makes it hard for you to understand what inputs are being requested. (CDS-83225, ZD-53024)
Given that such truncation is sometimes unavoidable, Harness has introduced the following changes in the dialog:
- Increased the size of the dialog.
- Replaced the description of the variable (in the Description column) with an icon. The icon makes more efficient use of available space and displays the variable's description when you hover over it.
-
If you selected the Expression value type for a stage or pipeline variable and manually entered the runtime input expression (expressions that begin with
<+input>
, which you typically specify by using the Runtime input value type), Harness appended white spaces to the expression when saving the value to YAML. The issue caused the Run Pipeline dialog to not show the input variable. (CDS-83279, ZD-53153)This issue has been fixed. When you manually enter a runtime input expression of the form described earlier, Harness does not append white spaces.
-
You could not switch to the Expression value type when specifying an artifact's repository. When you selected the Expression value type, Harness displayed the following generic message: "Something went wrong. The error has been reported and we are looking into it with high priority. Please refresh your browser to continue." (CDS-83367)
This issue has been fixed.
-
If you opened the step drawer when creating a step template in Account Resources > Templates, the step drawer did not list some Continuous Integration steps, such as the Run step. (CDS-83442, ZD-53103)
This issue has been fixed.
-
Starting with Delegate version 23.08.79713, the custom script for fetching remote manifests did not support absolute paths as the folder path. (CDS-83443, ZD-52872)
This issue has been fixed.
This item requires Harness Delegate version 23.11.81601. For information about features that require a specific delegate version, go to the Delegate release notes.
-
AWS SAM Build and AWS SAM Deploy steps fail if the image that you specify for the
--build-image
command option uses an expression or Bash variable. (CDS-83465)This issue has been fixed. Harness now passes necessary environment variables during runtime, so any expression that is created within the containerized step group is resolved correctly.
-
Pipelines stopped working because they did not recognize the specified input sets. Even though all the required fields were populated with information contained in the input sets, Harness displayed a message next to each of those fields to indicate that the field was required. (CDS-83557, ZD-53398, ZD-53413)
This issue has been fixed. You can now run the pipeline with runtime inputs.
-
If the default capacity for the ASG deployment is zero or Null and you choose to create the same number of ASG instances as those that were previously deployed by the pipeline (the Same as already running Instances setting), Harness created zero instances. The deployment timed out after waiting for health checks. (CDS-83818)
This issue has been fixed. Now, if the default capacity is zero or Null, Harness sets the default capacity to match that in Harness FirstGen, which is as follows:
- For the first deployment:
- minimum = 0
- desired = 6
- maximum =10
- For other deployments:
- minimum = 0
- desired = 1
- maximum = 1
This item requires Harness Delegate version 23.11.81601. For information about features that require a specific delegate version, go to the Delegate release notes.
- For the first deployment:
-
Earlier, if a Helm chart was invalid for any reason (for example, if it had an invalid folder structure or invalid YAML file) and Harness could not render the chart with the
helm template
command, the execution failed and the reason for failure was not always clear. (CDS-83828)Harness has improved the error handling in this scenario. If the Helm chart is invalid, Harness prints a warning about being unable to render it and continues to execute, relying on the
helm install
andhelm deploy
commands to throw an exception instead. -
Harness used Datadog log indexes when running the Verify step but not when fetching sample data in the health source configuration dialog. (CDS-83934, ZD-53433)
This issue has been fixed.
This item requires Harness Delegate version 23.11.81601. For information about features that require a specific delegate version, go to the Delegate release notes.
-
The polling interval of 15 sec for a running Verify step did not give you enough time to review event details or perform an action on an event, such as ignore an error. (CDS-83975, ZD-53492)
This issue has been fixed. The polling interval has been increased to 90 seconds and is expected to give you enough time to review events or act on them.
-
Harness did not evaluate expressions that begin with
<+pipeline.stage>
when they were used in ASG infrastructure. Therefore, you could not use those expressions to identify, for example, the region or the base ASG name. (CDS-84389)This issue has been fixed, and such expressions are evaluated correctly.
-
When a pipeline is stored in Git, expressions for selecting connectors do not work. When you attempt to select a manifest version that relies on such an expression to be resolved, the following message is displayed: "Invalid format of YAML payload: HTTP Error Status (400 - Invalid Format) received. Invalid request: Error while retrieving pipeline [pipeline_name]: Invalid request: Principal cannot be null" (CDS-84568, ZD-53864)
This issue has been fixed.
-
When streaming log messages from PowerShell scripts, Harness streamed only those console logs that had INFO and ERROR severity levels. (CDS-84570, ZD-53860)
This issue has been fixed. Now, Harness forwards console logs that have INFO, WARNING, DEBUG, and ERROR severity levels.
This item requires Harness Delegate version 23.11.81803. For information about features that require a specific delegate version, go to the Delegate release notes.
-
The Identify Service Instance field in the Add New Health Source dialog does not show the plus (
+
) icon when you are using a template to configure a Splunk health source. Consequently, you could not select the service instance after the records were fetched. (CDS-84608, ZD-53584)This issue has been fixed.
-
A default tag is now included in the Auto Scaling Group (ASG) for the Name key. The tag value is set to match the ASG name and is automatically propagated upon instance launch. This feature is especially useful if you rely on instance names for managing metrics. (CDS-84681)
-
Harness printed logs from the Delete Stack step in the reverse order. (CDS-84744, ZD-53865)
This issue has been fixed.
This item requires Harness Delegate version 23.11.81803. For information about features that require a specific delegate version, go to the Delegate release notes.
-
The Jenkins step failed when attempting to resolve secrets in expressions used in its job parameters, and the following message was displayed:
Error occurred while starting Jenkins task java.lang.IllegalArgumentException: Illegal character in query at index
(CDS-84747, ZD-53836)The issue has been resolved.
This item requires Harness Delegate version 23.11.81803. For information about features that require a specific delegate version, go to the Delegate release notes.
-
When creating a Kubernetes Apply step template in Template Studio, if you click + Add Manifest, the page breaks and the following message is displayed: "Something went wrong". At that point, you cannot go back to the previous page; you can only close the browser tab. (CDS-85013, ZD-54137)
This issue has been fixed.
-
If shell script execution fails with an exception such as a step timeout, the delegate logs include the message “Exception in script execution”. This message does not help attempts to determine the root cause. (CDS-85024, ZD-54110)
This issue has been fixed. The delegate logs now include a more meaningful message.
This item requires Harness Delegate version 23.11.81803. For information about features that require a specific delegate version, go to the Delegate release notes.
Continuous Integration
-
Improved the error message that appears if the Kubernetes cluster connector ID is
null
when running a pipeline that uses a Kubernetes cluster build infrastructure. (CI-8166) -
To address potential performance issues, resource consumption logs are now disabled for the
ci-addon
service, and the communication retry internal between the Lite Engine and theci-addon
service is now nine seconds. (CI-10042, ZD-52559) -
Fixed a thread safety issue that caused errors like
IncorrectResultsSizeDataAccessException
andreturned non unique result
. (CI-10061, ZD-52625) -
A previous release simplified the format of the log base key used to download logs for pipelines, and this release includes additional simplifications to support a new regex pattern. The simplified format is behind the feature flag
PIE_SIMPLIFY_LOG_BASE_KEY
. (CI-10085) -
The Get Started workflow can generate pipeline identifiers from repository names. To avoid failures due to invalid characters in pipeline identifiers, periods (
.
) in repository names are now replaced by underscores (_
) in pipeline identifiers. (CI-10156, ZD-52954) -
Fixed an issue where time savings wasn't reported if Test Intelligence selected no tests. (CI-10196)