Platform release notes
Review the notes below for details about recent changes to Harness Platform, NextGen SaaS. For release notes for Harness Self-Managed Enterprise Edition, go to Self-Managed Enterprise Edition release notes. For FirstGen release notes, go to Harness SaaS Release Notes (FirstGen).
Harness publishes security advisories for every release. Go to the Harness Trust Center to request access to the security advisories.
Harness deploys changes to Harness SaaS clusters on a progressive basis. This means that the features and fixes that these release notes describe may not be immediately available in your cluster. To identify the cluster that hosts your account, go to the Account Overview page.
Deprecation notice
The following deprecated API endpoints will no longer be supported:
- [GET | PUT | POST | DELETE] api/resourcegroup/{identifier}
- POST api/resourcegroup/filter
- GET api/resourcegroup
Latest: Version 80504
New features and enhancements
When Harness is configured to use the AppRole ID to fetch an authentication token from HashiCorp Vault, Harness generates a large number of requests for those tokens. The volume of requests causes performance issues. (PL-40754)
This issue has been fixed. You can now specify whether or not you want to retain the token to reduce the number of requests made. Possible values are
True
andFalse
. The default value isTrue
.Go has been upgraded from version 1.20.5 to version 1.21.0. This upgrade remediates CVE-2023-39533. (PL-40734)
You are now required to sign an end-user license agreement to access the Harness AI Development Assistant (AIDA) in the account and project scopes. (PL-39723)
The EULA is displayed when you enable AIDA at the account scope (Account Settings > Account Resources > Default Settings > Harness AI Developer Assistant).
Each account user must sign the EULA only once.
The setting is inherited at the project scope.
The delegate expiration policy has been extended from 3 months to 6 months. You now only have to update delegates once every 6 months. (PL-39452)
This item requires Harness Delegate version 80505. For information about features that require a specific delegate version, go to the Delegate release notes.
The OWASP Java HTML Sanitizer version is upgraded to 20220608.1. (PL-40807)
The Mozilla Rhino library has been upgraded from version 1.7R4 to 1.7.14. (PL-40808)
The Spring Boot library is upgraded to version 2.7.14. (PL-40810)
If the Email step failed to send a notification, the following message was displayed: “Failed to send the email. Check SMTP configuration.” The message did not include any additional information to help you debug the issue. (PL-40007, ZD-47524)
Now, the message has been enhanced to show the cause of failure. It also identifies the delegate that executed the task.
This item requires Harness Delegate version 80505. For information about features that require a specific delegate version, go to the Delegate release notes.
Early access features
This release does not include early access features.
Fixed issues
The Create or Select an Existing Connector dialog did not show any results when you filtered on Nexus connectors. (PL-40904)
The associated API is now fixed.
Fixed an issue where the
ACCOUNT_SECRET
environment variable was overriding theDELEGATE_TOKEN
value in the delegate's Docker container for delegates with an immutable image type (image tagyy.mm.xxxxx
). (PL-40728)The count of failed streams on the Failed Streaming card (on the Account Audit Trail page) continued to include problematic destinations even after those destinations were removed. (PL-40641, ZD-49004)
This issue is now fixed. The error count includes only available destinations.
A role that you created would not appear when you typed its name on the Manage Role Bindings page. Therefore, you could not use the Harness application to bind that role to a user group. The issue was caused by the role assignment API retrieving only the first 100 roles in the ascending order (the page size is 100), and the associated client-side search being limited to those 100 roles. If the role you wanted was not part of this initial set of roles, it did not appear in your search. (PL-40363, ZD-48229)
This issue is now fixed. A newly introduced server-side search includes roles that are beyond the page size limit.
If the renewal of a HashiCorp Vault token that is used for token-based authentication fails, Harness attempts to renew the token perpetually. These attempts load the system and seem amplified in scenarios in which the connector or service is no longer in use. (PL-32647)
To handle such scenarios better, Harness now pauses its attempts to renew a token if two consecutive renewal attempts fail. Harness resumes its renewal attempts when you perform one of the following tasks:
- You update the associated HashiCorp Vault connector.
- You test the associated HashiCorp Vault connector manually and the test succeeds.
Hotfixes
This release does not include hotfixes.
Previous releases
2023 releases
New features and enhancements
Earlier, in the audit trail, all changes to a user principal's role assignment were logged with the generic Update action type. The record offered no additional information about whether a role assignment was created, updated, or deleted. (PL-39799, ZD-46451)
Now, role assignment changes are logged with one of the following, more informative action types:
- Role Assignment Created
- Role Assignment Updated
- Role Assignment Deleted
Earlier, in delegate selection logs, the non-selected error message included all mismatched selectors.
Now, the non-selected error message includes only selectors mismatched within the scope. (PL-40651)
You can now create secrets in child scopes using the parent scope in Secret Manager. For example, you can create secrets inside a project using the Secret Manager created at the Org or Account level. (PL-38949)
Early access features
This release does not include early access features.
Fixed issues
In some scenarios, when the delegate tried to send a heartbeat to connect to Harness Manager and MongoDB was down, Harness Manager sent a self_destruct message to stop the delegate. (PL-38122)
This issue is fixed. Harness Manager no longer sends
self_destruct messages
, the delegate continues to run, and the delegate tries to send a heartbeat again after one minute.The Harness user interface did not give you the option to view more than ten resources in a resource group. (PL-40747, ZD-49413)
This issue is now fixed.
With an earlier update, delegates tried to create a Kubernetes runner, which created an API client using the Kubernetes config. Shell delegates tried to fetch the local config. GKE configurations with expired credentials resulted in an error. (PL-40631)
This issue is fixed. Harness catches the exception and continues with delegate startup.
A few minutes after you linked a Harness user group to a different LDAP group, the change was reverted. That is, the user group gets linked to the previous LDAP group. The behavior persisted even if you deleted the user group, created a new user group with the same name, and then associated it with the second LDAP group. (PL-40558, ZD-48332)
This issue is now fixed.
When adding users to a user group, you had to manually select users from the menu; pasting email addresses in the text box did not work. (PL-40559)
Now, in addition to selecting users from the menu, you can paste users' email addresses in the text box.
Earlier, when you clicked an expired link in an invitation email, Harness displayed the following message: “We couldn’t find an invitation matching the email address you entered. Please search your email for an invitation from Harness or contact your admin." This message was inaccurate. (PL-40597)
Now, Harness displays the following message when you click a link in an expired invitation: "This invitation URL has expired. Please request for a new invitation from your admin."
If the Email step failed to send a notification, the following message was displayed: “Failed to send the email. Check SMTP configuration.” The message did not include any additional information to help you debug the issue. (PL-40007, ZD-47524)
Now, the message has been enhanced to show the cause of failure. It also identifies the delegate that executed the task.
Attempts to use the
harness_platform_user
resource to create or delete users results in an error. The message "Request failed as you have an older version of entity, please reload the page and try again" is displayed and the Terraform state goes out of sync with Harness. (PL-39870, ZD-47107)This issue has been fixed.
Hotfixes
This release does not include hotfixes.
Version 80307
New features and enhancements
To support MongoDB 5.0, the Debezium library has been upgraded to version 1.9. (PL-40491)
If you use the App Role authentication method in the Hashicorp Vault connector, you can choose to cache the vault token. The token is cached on the Harness Delegate for a time duration equal to the TTL of the vault token, with 1% leeway.
By default, caching is enabled for all existing connectors. To disable caching, go to the connector's YAML configuration and set the
enableCache
parameter tofalse
. Harness UI support to enable and disable caching will be added in a subsequent release. (PL-39821)This item requires Harness Delegate version 80308. For information about features that require a specific delegate version, go to the Delegate release notes.
Early access features
This release does not include early access features.
Fixed issues
When you navigated to the Pipelines page, Harness checked for a Continuous Integration license. If you did not have a CI license, you were redirected to the CI Start Trial page because the Pipelines page was once part of the CI module.
The issue has been resolved by the removal of such a check from the Pipelines page on the Projects tab. This change also resolves similar issues involving a redirect to Start Trial pages for other Harness modules. (PL-40611, ZD-48952)
If the number of service instances went down to zero and came back up after a duration of 1 day, they were not displayed on custom dashboards.
This issue is resolved, and custom dashboards now show service instances when the count is greater than zero. (CDS-75585, ZD-47848)
During a long network outage that impacted the delegate, attempts made by the delegate to reconnect the websocket failed. The issue was caused by the delegate attempting to reconnect the websocket only once, after failing to send five heartbeats in succession. (PL-40547, ZD-48579)
The issue is now fixed. During long network outages, the delegate attempts to reconnect the websocket every time it fails to send a heartbeat.
This item requires Harness Delegate version 80308. For information about features that require a specific delegate version, go to the Delegate release notes.
Updates to the role assignments of a user group in one project caused role assignments to get updated in other projects in the organization. The issue was observed in the following scenario:
- You used a regex query to update role assignments in a project.
- Identifiers of other projects in the organization overlapped with that of the project in which you updated role assignments.
- Identifiers of user groups in those other projects matched the identifier of the user group you updated. (PL-39780, ZD-46314)
The issue is now fixed.
Hotfixes
This release does not include hotfixes.
August 10, 2023, version 80208
What's new
Accounts with Free and Community licenses are limited to 100 users. (PL-40260)
The heartbeat interval that perpetual tasks use to test connectors has been increased from 10 minutes to 30 minutes. This change aims to reduce the number of errors logged due to failed heartbeats. The new heartbeat interval is used with any connectors that you create after this deployment. Tasks associated with existing connectors require migration to the new interval. Harness will migrate such perpetual tasks in all accounts in a phased manner. This activity does not require any action from you or other users of the platform. (PL-39399)
Early access
This release does not include any early access features.
Fixed issues
For the Audit Trail, the YAML Difference on the Event Summary pane didn’t include tag information for delegate groups and registers. (PL-40073)
This issue has been resolved.
This item is available with Harness Platform version 80208 and does not require a new delegate version. For information about Harness Delegate features that require a specific delegate version, go to the Delegate release notes.
When configuring an RBAC resource group in Harness Manager, if you discarded your changes, the resource group page showed a list of resources that should not be available at the scope that you are in. (PL-40393, ZD-48270)
This issue has been resolved.
Previously, the Select a Project pane displayed duplicate projects. The issue was caused by Harness Manager allowing users to create projects with the same
projectIdentifier
key in different organizations. (PL-40302, ZD-48700)The issue has been resolved by the use of a unique key that combines the project and organization identifiers.
The Setup Vault step of the Azure Key Vault connector wizard continued to use the previous secret reference even after you changed it. (PL-40269, ZD-48150)
The issue is now fixed, and the wizard reads the latest value.
Harness Manager did not show role assignments for a service account at the organization and project scopes if the parent scope (the account scope and organization scope, respectively) had a service account with the same identifier. (PL-40245, ZD-47906)
The issue is now fixed, and any affected service accounts will be displayed correctly.
Harness API requests for creating an API key for a service account returned an HTTP 200 OK status code even if the API request did not have a valid service account ID. Consequently, the
harness_platform_apikey
resource for Terraform failed to create the API key at the intended scope. The issue was caused by Harness failing to validate the service account identifier. (PL-40243, ZD-47921)The issue is fixed, and service account identifiers are now validated.
The menu for selecting the page size on the account-level Audit Trail page shows the text
Select
by default instead of showing one of the built-in size options of 10, 20, 50, and 100. Additionally, the page displays 25 items by default instead of using one of the built-in size options. (PL-40144)This issue has been resolved.
If Harness could not create the desired role because it encountered an error condition, the role creation dialog displayed an obscure message instead of a user-friendly message. For example, if you included an invalid character in the name of the role, the role creation dialog displayed the message
failed to fetch: 400
instead of a message that called your attention to the invalid character. (PL-40127, ZD-47805)The issue is now fixed, and the dialog shows user-friendly messages.
August 4, 2023, version 80120
What's new
The Universal Base Image Minimal used for the Harness user interface (both FirstGen and NextGen) and the Harness NextGen authentication service has been upgraded to ubi8-minimal:8.8. This upgrade was necessitated by version 8.7 (ubi8-minimal:8.7) reaching end of life. (PL-40095)
Browser tabs did not show informative titles for the Settings, Delegates and FileStore pages. They showed only the generic title "Harness", making it difficult to identify the page you wanted. (PL-39923, ZD-46375)
This issue has been fixed. Browser tabs showing those pages now have more specific titles.
Early access
This release does not include any early access features.
Fixed issues
The YAML diff editor that shows changes to the YAML configuration associated with an event (Account Settings > Audit Trail > Event Summary) showed an inline diff, making it difficult for you to copy changes. (PL-40265, ZD-45911)
The diff editor now displays a side-by-side diff from which you can copy the changes you want.
When you selected a project on the Projects page and then selected Pipelines, you were redirected to the page for getting started with the Continuous Integration module. (PL-40150, ZD-46389)
This issue is now resolved. Selecting Pipelines when on the Projects page now shows you the pipelines in the selected project.
On the Project Connectors page, when you attempt to sort the connectors by when they were last updated, they get sorted by their connectivity status instead. (PL-40013, ZD-47483)
This issue is resolved, and you can now sort the connectors by when they were last updated.
Harness NextGen could not support SMTP without authentication because the user name and password fields were required. (PL-39863, ZD-48323)
This issue has been fixed. The user name and password fields are now optional.
When editing a WinRM credential that referenced a secret in a different scope, the WinRM Credential wizard showed the referenced secret as undefined. This issue was caused by incorrect scope information being sent in the API request. (PL-39707)
This issue has been fixed. The API request now includes the correct scope information.
Instead of displaying an appropriate, RBAC-related message to users who do not have permissions to view the list of delegates, the Account Resources: Delegates page displays a "Failed to fetch: 403 Forbidden" message. (PL-39043)
This issue has been fixed. Now, in this scenario, the page informs such users that they are not authorized to view the page, and it lists the permissions that they require.
Earlier, even though you could use the
JAVA_OPTS
environment variable to specify JVM options for the delegate, you could not override the default JVM options that Harness used, namely-XX:MaxRAMPercentage=70.0
and-XX:MinRAMPercentage=40.0
. The option to override the defaults was unavailable because the value of JAVA_OPTS was prepended to the default JVM options. (PL-38839)This issue has been fixed. The value of JAVA_OPTS is now appended to the default JVM options, thus allowing you to override the default options.
This item is available with Harness Platform version 80120 and does not require a new delegate version. For information about Harness Delegate features that require a specific delegate version, go to the Delegate release notes.
Delegates showed high CPU usage caused by a large number of threads that perform read operations being generated and abandoned. (PL-39797)
This issue has been resolved through improved message read performance and an increased read timeout.
This item requires Harness Delegate version 80104. For information about features that require a specific delegate version, go to the Delegate release notes.
If the delegates that were eligible to execute a pipeline task (delegates that were within the account-organization-project scope of the pipeline and matched any configured delegate selectors) did not have the required tools or connectivity to execute the task, the task timeout message included delegates that did not meet the eligibility criteria. (PL-39624, ZD-46460, ZD-46513)
This issue has been fixed. The message displayed on task timeout has been improved for scenarios in which no delegate matches specified selectors and no delegates are found in the account.
This item requires Harness Delegate version 80104. For information about features that require a specific delegate version, go to the Delegate release notes.
You were allowed to create resource groups with the same identifier as a built-in resource group. (PL-39503)
This issue has been fixed. Validation in the API that creates resource groups now checks whether an existing resource group has the same identifier.
This item requires Harness Delegate version 80104. For information about features that require a specific delegate version, go to the Delegate release notes.
A new
getAzureKeyVaultClient
API is available to fetch the list of Azure vaults. (PL-28392, ZD-44045)This option reduces the time it takes for Harness to reflect a newly-created Azure vault.
This item requires Harness Delegate version 80104. For information about features that require a specific delegate version, go to the Delegate release notes.
July 27, 2023, version 80022
What's new
Earlier, when an administrator enabled the account-level two-factor authentication (2FA) setting, it affected users in the following manner:
- Users who had set that account as their default account received 2FA emails, and the user-level 2FA setting was enabled across all their profiles. The users were not allowed to disable the setting.
- Harness allowed users to modify the 2FA setting only when an administrator disabled the account-level setting subsequently. Even then, the user-level 2FA setting remained enabled, and users continued to receive a 2FA challenge until they manually disabled the user-level setting in their profiles. (PL-39507, ZD-46268)
This behavior has been remediated. When an administrator enables the account-level 2FA setting, Harness sends the users 2FA emails but does not enable the user-level 2FA settings. Users are free to enable or disable the user-level setting in their profiles. When a user attempts to log in to their Harness account, Harness presents them with a 2FA challenge only if one or both of the settings (the account-level setting and the user-level setting) are enabled. If both settings are disabled, Harness does not present a 2FA challenge.
If you attempt to delete a project or organization that includes resources from other Harness modules, Harness first prompts you to confirm the delete action and then prompts you to enter the name of the project or organization. This two-step procedure gives you an opportunity to consider the impact that your action might have on other modules. (PL-32376, ZD-42691)
Delegate selection logs now include the
DelegateId
,DelegateName
, andhostname
. (PL-37913) This item is available with Harness Platform version 80022 and does not require a new delegate version. For information about Harness Delegate features that require a specific delegate version, go to the Delegate release notes.You can now configure the
create_namespace
Terraform parameter to disable default namespace creation. Set the parameter tofalse
in themain.tf
file to disable namespace creation. (PL-39822, ZD-47021) This item is available with Harness Platform version 80022 and does not require a new delegate version. For information about Harness Delegate features that require a specific delegate version, go to the Delegate release notes.
Early access
This release does not include any early access features.
Fixed issues
API calls that requested role assignments filtered on user groups or service accounts (that is, API calls that used the
roleassignment/filter
endpoint withprincipalTypeFilter
set to USER_GROUPS or SERVICE_ACCOUNTS, respectively) returned an empty body. (PL-39888, ZD-47208)This issue is now fixed, and you can use the API to fetch role assignments for user groups and service accounts in any scope.
If you failed to specify the scope for a resource group that you created with the Harness API, Harness failed to apply a default scope, which it was expected to infer from the API request's query parameters. (The Harness UI, on the other hand, behaves as expected: it sets the default scope of the resource group to the scope that you are in when creating the resource group.) This behavior led to eligible users being unable to perform operations on the resource group. (PL-39271, ZD-45488)
This issue is now fixed. If you do not specify a scope for the resource group when using the API, Harness sets the default scope correctly, and eligible users should be able to perform operations on the resource group.
API requests to update a remote template did not update the
lastUpdateAt
field in the template. (CDS-72098)This issue is now fixed.
The user interface of the approval step is inconsistent with the saved contents of the User Groups field. Sometimes, the field omits some of the previously saved user groups but shows the correct count. At other times, it lists all of the previously saved user groups but shows a lower count. (PL-39294, ZD-45548)
This issue is now fixed.
July 18, 2023, version 79916
What's new
The Go library has been upgraded from 1.20.4 to 1.20.5. (PL-39700)
The upgrade fixes the following CVEs:
You can now view delegate logs when validating a connector that uses a delegate to establish connections. (PL-37919)
Previously, when password-based authentication was used with OAuth, the functionality of auto-accepting invites was not available. Now, when Oauth is enabled for an account, invites are automatically accepted. (PL-31936, ZD-40182)
User names cannot exceed 256 chars. (PL-21254)
The List Tokens API now supports listing all the personal access tokens or service account tokens in the account. The API has been enhanced as follows:
- If you have user management permissions, you can list all the personal access tokens in your account. You can also filter tokens belonging to a user or filter only active tokens.
- If you have service account management permissions, you can list all the service account tokens in your account. You can also filter tokens for a service account or filter only active tokens. (PL-31870, ZD-40110)
This item requires Harness Delegate version 79904. For information about features that require a specific delegate version, go to the Delegate release notes.
Early access
This release does not include any early access features.
Fixed issues
Previously, regardless of whether your account was on Harness NextGen or Harness FirstGen, Harness sent password reset emails from Harness FirstGen. This approach failed for accounts that are only on Harness NextGen. (PL-38735)
Now, for accounts that are only on Harness NextGen, Harness sends password reset emails from Harness NextGen.
You could not create Azure Key Vault connectors in Harness NextGen even when you used the service principal credentials that successfully created Azure Key Vault connectors in Harness FirstGen. After you entered the service principal credentials, the Vault setup window stopped responding. After several minutes, the following message was displayed: None of the active delegates were available to complete the task. ==> : 'Missing capabilities: [https:null.vault.azure.net]' (PL-39783, ZD-46756)
This issue is now fixed.
This item requires Harness Delegate version 79904. For information about features that require a specific delegate version, go to the Delegate release notes.
The AWS connector widget's prefix field did not accept prefixes starting with a slash. Such slashes were stripped off, and this led to undesired behavior. (PL-39194, ZD-45104)
Prefixes that begin with a slash are now supported.
This item requires Harness Delegate version 79904. For information about features that require a specific delegate version, go to the Delegate release notes.
Account-level connectors with resource groups set to Specified were not available at the project-level. (PL-38828, ZD-44474).
This issue is now fixed. The connectors list shows the connectors for which users have resource group permissions set.
This item requires Harness Delegate version 79904. For information about features that require a specific delegate version, go to the Delegate release notes.
July 06, 2023, version 79811
What's new
Harness now allows special characters in usernames. (PL-39564, ZD-46487)
You can now view delegate logs when validating a connector that uses delegates to establish connections. (PL-37919)
When creating Azure Key Vault, you can now manually enter the vault name. (PL-32773, ZD-44045)
Early access
This release does not include any early access features.
Fixed issues
It was possible to edit project identifiers. (PL-39609)
A code enhancement has fixed this issue.
June 28, 2023, version 79714
Platform new features
There is now a limit of 100 API Tokens per free and community account. (PL-39337)
When configuring SMTP, you can now select specific delegates in Delegates Setup. (PL-39024)
You can now sort pipelines in the pipelines list by selecting the sortable column headers or the sort dropdown. (PL-31527)
Early access
This release does not include any early access features.
Platform fixed issues
SAML provider Name and Friendly Name fields allowed special characters. (PL-39070)
This issue is fixed by
displayName
andlogoutURL
field validations. ThedisplayName
only allows alphanumeric characters,_
,-
,.
, and spaces. ThelogoutURL
must be a valid HTTPS URL format.When creating a service account with the same name in a different scope, an error was thrown. (PL-38885)
A code enhancement has fixed this issue.
When ALL scope was selected on the Role binding page for a specific user, incorrect data was displayed. (PL-38426, ZD-43503)
A code enhancement has fixed this issue.
Deletion of vault connectors does not delete the corresponding perpetual tasks. (PL-27621)
A code enhancement has fixed this issue.
Account-level connectors with resource groups set to Specified were not available at the project-level. (PL-38828)
This issue is fixed with a code enhancement. The connectors list now shows the connectors for which users have resource group permissions set.
This item requires Harness Delegate version 79707. For information about features that require a specific delegate version, go to the Delegate release notes.
The account-level Session Timeout (in minutes) allowed values greater than the 4320 minute maximum. (PL-32498)
This issue has been resolved by adding a code validation. The field no longer accepts values above 4320 minutes.
This item requires Harness Delegate version 79707. For information about features that require a specific delegate version, go to the Delegate release notes.
June 19, 2023, version 79606
Platform new features
In earlier releases, users were allowed to include the following special characters in the user name field in their profile: colon (
:
), slash (/
), less than sign (<
), greater than sign (>
), equal sign (=
), and parentheses ((
and)
). Support for these special characters allowed malicious users to inject HTML and JavaScript code into deployment-related emails such as approval emails. (PL-39099)For enhanced security, Harness no longer allows a user to include these special characters in their name. If an existing user name has any of these special characters, Harness does not include the special characters when adding the name to emails.
Free and Community accounts are now limited to 100 connectors. (PL-32654)
The dialog for adding an encrypted text secret now includes an option to test a referenced secret. (PL-31083)
The dialog that enables you to select a connector did not list connectors in any order. (PL-27568)
This release adds a menu that you can use to sort the listed connectors in various ways (for example, by name or by date).
In earlier releases, you could change the Git branch only in Pipeline Studio. (CDS-68007)
Starting with this release, you can also change the branch in the dialog for running a pipeline. You can also run the pipeline from any branch directly from the pipeline listing page.
Early access
This release does not include any early access features.
Platform fixed issues
Certain users see the following message when they select the Connectors page for their project: "You are not authorized to view default settings. You are missing the following permission: "View default settings" in Account scope." (PL-39221, ZD-45360)
This issue has been fixed by the removal of an account-level permission check that has been deemed unnecessary.
SCIM PATCH requests for deleting a Harness user return a “user does not exist” message in a successful delete operation. (PL-38868, ZD-44150)
This issue has been resolved by returning a NULL response in the Patch operation to delete a user.
In earlier releases, the button for managing role bindings for users, user groups, and service accounts was named +Role. However, given that you can also remove role bindings in the Manage Role Bindings dialog, the button has been renamed to Manage Roles. (PL-28484)
Improved randomness when there are multiple eligible delegates with no tasks running to avoid selecting the same delegate each time. (PL-39219)
This item is available with Harness Platform version 79606 and does not require a new delegate version. For information about Harness Delegate features that require a specific delegate version, go to the Delegate release notes.
June 09, 2023, version 79516
Platform new features
There is now an additional tab on the Create or Select Existing Connector dialog called
All
that lists connectors from all scopes (project, organization, and account). (PL-39029)The Go library has been upgraded from version 1.19.8 to 1.20.4. (PL-39026)
You can now delete externally managed users from the Harness UI. (PL-38974)
Harness recommends using this action with caution since it may result in data inconsistencies between Harness and the identity provider.
The Go library for yq has been upgraded from version 1.19.8 to 1.20.4. (PL-38952)
On your profile, you can now access projects by selecting project cards. (PL-38570)
Secret references now have a validate button to verify if the path is valid. (PL-31083)
This item is available with Harness Platform version 79516 and does not require a new delegate version. For information about Harness Delegate features that require a specific delegate version, go to the Delegate release notes.
Early access
This release does not include any early access features.
Platform fixed issues
The user invite API returned an HTTP status code of 200 if the invited user had an invalid TLD. (PL-38938)
This has been fixed, and the API now returns a status code of 400.
It was mandatory to enter email addresses even if Send email to all users in a user group was checked in Notification Preferences. (PL-38910)
A code enhancement fixed this issue.
Deprovisioning user accounts from Harness resulted in Okta errors. (PL-38868, ZD-44150)
A code enhancement fixed this issue.
An attempt to edit a secret sent repeated requests to the backend if the secret was not found. (PL-32313)
A code enhancement fixed this issue.
When SMTP was not configured, password reset did not throw an error. (PL-24542)
A code enhancement fixed this issue.
The expressions corresponding to objects like list, maps, and so on were incorrectly converted to string type using the Java String.valueOf method resulting in incorrect formatting. (CDS-71619)
This issue is fixed and the output values for expressions are returned as JSON objects.
June 01, 2023, version 79411
You can now fetch the list of delegates registered to an account using the Harness API. You can also filter these by scope, tags, status, and version. (PL-37981, ZD-40508,40688)
This item is available with Harness Platform version 79411 and does not require a new delegate version. For information about Harness Delegate features that require a specific delegate version, go to the Delegate release notes.
You can now use the legacy UI to create delegates. (PL-38937)
This item is available with Harness Platform version 79411 and does not require a new delegate version. For information about Harness Delegate features that require a specific delegate version, go to the Delegate release notes.
You can now see the total number of secrets in the secrets list and sort them by various columns. (PL-31528)
This item is available with Harness Platform version 79411 and does not require a new delegate version. For information about Harness Delegate features that require a specific delegate version, go to the Delegate release notes.
Early access
This release does not include any early access features.
Fixed issues
Delegate instances that do not shut down gracefully and do not come back online are removed from the UI after three hours. (PL-38755)
This item is available with Harness Platform version 79411 and does not require a new delegate version. For information about Harness Delegate features that require a specific delegate version, go to the Delegate release notes.
The SSH secret reference gets created even if secret creation fails due to a validation error. (PL-38549, ZD-44073)
Reference creation now only occurs if the SSH secret is created.
The error message displayed during pipeline execution when connector permissions are missing is unclear. (PL-32662)
A code enhancement to display an appropriate error message fixed this issue.
The creation of SSH or WinRM secrets in a project or organization after disabling Harness' built-in secret manager is not supported. (PL-32562)
A code enhancement has fixed this issue.
The comparison of email addresses during sign in is case-sensitive. (PL-32198)
A code enhancement has fixed this issue.
The error message displayed when permissions are missing during pipeline execution does not mention the corresponding resource Id. (PL-31350)
A code enhancement to display the resource Id in the error message fixed this issue.
May 23, 2023, version 79306
What's new
The Connector Details page now shows whether a connector is connected via a delegate or via Harness Platform. (PL-32673)
When steps or stages fail with a Ignore Failure strategy, their status is displayed as Success (Failure Ignored) instead of Failed. (CDS-67670)
You can now reject old executions waiting on approval when new ones are approved by using the Auto-Reject previous deployments paused in this step on approval option in the Harness Approval step. (CDS-58063)
You can now view the most recent delegate task details and their corresponding selection logs for approvals. The details of the latest delegate task are automatically updated. (CDS-57927)
You can view task details for the following:
- ServiceNow
- Jira
- Custom Approvals
A warning now appears if you try to save a template with an existing identifier and an updated version label. This warns you that it will be merged with the existing template (upon confirmation). (CDS-47301)
The Azure Key Vault secret manager now supports creating secrets with expiration dates. Select Expires On to set a secret expiration date. The Harness Delegate version 79307 is required for this feature. (PL-32708, ZD-42524)
AuthZ now considers the SAML setting that the user logged in to when multiple SAML settings are present and the user belongs to more than one of them. The user will be removed from any other SAML settings that the same user might have been part of and synced with Harness through previous SAML logins. (PL-32484)
Early access
This release does not include any early access feature.
Fixed issues
The email address is displayed instead of the display name for users created through Okta. (PL-38479, ZD-43201)
A code enhancement to populate name with the display name fixed the issue.
The email step in the pipeline succeeds and is not marked as failed, even if email delivery fails. (PL-38440, ZD-43831)
A code enhancement fixed this issue.
The LAST ACTIVITY column in the Connector List page is not updated. (PL-32582, ZD-42966)
This column has been removed, and the UI no longer displays this.
The secrets list API return a status code of
200
when permissions are missing. (PL-26474)The API now returns a status code of
403
when permissions are missing on secrets.Conditional Execution's default value is incorrect in the UI. (CDS-68600)
A code enhancement to remove the default selection fixed this issue.
In Service Dashboards, tabular data does not appear for empty artifacts. (CDS-68100)
A code enhancement fixed this issue.
Fields in the Run Pipeline view are not aligned correctly. (CDS-67966)
A code enhancement fixed this issue.
The pipeline error message does not display the variable name when variable evaluation fails. (CDS-67559)
A code enhancement to display the variable name in the error message fixed the issue.
When an entity is not found in the Git experience, there is no detailed error message displayed. (CDS-67500)
A code enhancement to display the repository and branch name in the error message fixed the issue.
The interrupt functionality for chained pipelines does not work. (CDS-59374)
A code enhancement to pass the required parameters for the child pipeline fixed this issue.
Custom Secret Manager creation does not consider the delegate selector. (PL-32260)
In Custom SM configuration, decrypting secrets using the SSH connection to validate delegate selection fixed this issue. The Harness Delegate version 79307 is required for this fix.
Invites to users fail with an unauthorized error while RBAC setup is still in progress. (PL-32117)
A polling system ensures that RBAC setup has been completed. The Harness Delegate version 79307 is required for this fix.
May 04, 2023, version 79214
What's new
- You will now receive an alert on the default settings page when there are unsaved changes and you leave the page. (PL-32354)
Early access
This release does not include any early access feature.
Fixed issues
In Group Memberships, the selected scope value does not match the scope of the displayed user groups. (PL-32552)
A code enhancement to fetch data corresponding to the selected scope has fixed the issue.
Pagination does not work correctly in the Group memberships page.(PL-32551, ZD-42803)
A code enhancement fixed this issue.
The option to remove a secret is hidden when it has a long name. (PL-32571)
A code enhancement fixed this issue.
April 22, 2023, version 79111
What's new
You can now configure session time-out in the UI. (PL-32258) In case of inactivity, Harness logs users out of their accounts after the configured session timeout.
You can now add descriptions to pipeline and stage variables. (PIE-3336)
Early access
This release does not include any early access feature.
Fixed issues
The creation of secrets on Custom Secret Manager validates the existence of those secrets. (PL-31715) A code enhancement to remove secret validation during Custom Secret Manager creation has fixed the issue.
The tooltip for Optional Configuration in Run Step flashes in and out in a loop, making it difficult to read the text.(PL-32462, ZD-42201) A code enhancement fixed this issue.
It is possible to delete an encrypted text or file secret, even if it is referenced by another secret. (PL-31037) A code enhancement fixed this issue.
The cache response metadata gets added to YAML when an input set for a pipeline is edited. (PIE-9487, ZD-42516) A code enhancement to validate the input set YAML after integrating input set caching fixed the issue.
Logs for chained pipelines are not visible. (PIE-9242, ZD-42050) A code enhancement fixed this issue.
April 10, 2023, version 79015
What's new
You can now navigate to the parent organization by selecting its name on a project details page. (PL-32182, ZD-41785)
Harness Git Experience now supports GitLab as a code repository. You can now select a Harness connector with any of the following Git providers to save entities in a repository: (PIE-9139)
- Github
- Bitbucket
- AzureRepo
- Gitlab
You can now open the modal in the template studio to see all applicable metadata such as a description, tags, connector, and repository name. (PIE-8692)
Early access
This release does not include any early access feature.
Fixed issues
Role assignments by Scope filter do not populate usernames or email addresses for existing users. (PL-32206) A code enhancement fixed this issue.
When polling, the stage selection flickers on the pipeline execution page. (PIE-9360, ZD-42361) A code enhancement fixed this issue.
During pipeline execution, failure strategies are prompted even when not configured as inputs. (PIE-9277, ZD-41602) The pipeline and template studio no longer display the failure strategy runtime panel when failure strategy is not marked as runtime.
March 31, 2023, version 78914
What's new
- The favicon now dynamically changes based on pipeline execution status on the dashboard's execution view. (PL-31520)
Early access
This release does not include any early access feature.
Fixed issues
JWT log sanitizer throws a null pointer exception when it receives null log messages. (PL-32136)
A code enhancement to add an empty check before sanitizing a log line for secret and JWT masking has fixed this issue.
When an author's GitLab profile does not include a public email, the email attribute in the webhook payload appears as
REDACTED
. (PL-31795)A code enhancement has fixed this issue.
When creating Azure Key Vault and HashiCorp Vault connectors, selecting invalid delegate selectors displays an "UNKNOWN ERROR". (PL-30660)
A code enhancement to display appropriate error message has fixed this issue.
March 24, 2023, version 78817
What's new
You can now add specific service accounts to your resource group. (PL-31867)
By doing this, you can prevent accidental or deliberate misuse of API keys by restricting who can generate them from which service accounts.
You can now enter usernames as a comma separated string while adding users in Users(name or email). (PL-29630)
Early access
By enabling the feature flag,
PL_NEW_SCIM_STANDARDS
, any CRUD operation on a user now returns the details of the user groups that the user is part of. (PL-31496)You can use this to verify what groups a given user belongs to.
Fixed issues
A failed decryption of secrets managed by the Harness Secret Manager causes the secret value inside values.yaml to be resolved as null. (PL-32043)
The pipeline execution now fails with an exception if there is a failure in decrypting secrets.
Despite having an active license, the CD module is not visible. (PLG-2047)
A code enhancement has fixed this issue.
SMTP configurations with special characters in the SMTP configuration name throw an
Invalid request
error. This happens because the SMTP configuration name is used to construct the secret name, and secret names should not have any special characters. (PL-31774, ZD-40679)This issue has been fixed by replacing special characters in SMTP configuration names with
-
before creating secrets.User invites throw an
Invalid request
error when 2FA is enabled in the Account scope. (PL-31276)A code enhancement has fixed this issue.
A Harness account link that doesn't contain
#
but includes an account Id without any routing Id details crashes the gateway withHTTPHeader too long exception
. This results in anHTTP 413
response code. (PL-31154)Addition of a cluster URL for remote entry files has fixed this issue.
Connectors are not sorted alphabetically on the Connectors page. (PL-27510)
A code enhancement has fixed this issue.
Clicking Retry does not display the list of pipelines in the Pipelines page. (PIE-8874)
A code enhancement has fixed this issue.
March 15, 2023, version 78712
What's new
The Harness UI now supports editing the email domain when creating a Service Account. Previously, the email domain was auto-generated and there was no option to edit it. (PL-31769)
You can now migrate only the admin users of FirstGen to NextGen by enabling the feature flag
PL_DO_NOT_MIGRATE_NON_ADMIN_CG_USERS_TO_NG
. Previously, all FirstGen users were migrated to NextGen along with the admins. (PL-31648)The List Role Assignments by scope filter API now supports the following filters:
Principal Type Filter: Filters role assignments based on principal type.
Harness Managed Filter: Filters role assignments based on roles managed by Harness. For example, an Account Administrator.
Disabled Filter: Filters disabled role assignments. (PL-31352)
Filters for audit trails are now listed alphabetically. (PL-31204)
Template expressions now support
when
conditions. (PIE-8762)
Early access
Harness now populates
givenName
andfamilyName
for users via SCIM and returns the same when a GET, CREATE, or UPDATE request is made. (PL-31498)This is behind the feature flag
PL_NEW_SCIM_STANDARDS
.The response of a CRUD operation on a user or user group now contains the following meta fields as per the SCIM 2.0 standards:
createdAt
lastUpdated
version
resourceType (PL-31497)
This is behind the feature flag
PL_NEW_SCIM_STANDARDS
.
Fixed issues
The template service APIs do not have trace filters. (PL-31829)
Template service now includes an open telemetry trace filter and the responses have
X-Harness-Trace-ID
in the header.The sorting of updated projects fails since the CreatedAt field is null when updates are saved. (PL-31794, ZD-40783)
A code enhancement has fixed this issue. You can fix this issue in older projects by making a dummy update like adding a comment.
Harness UI allows creation of inline secrets in a read-only vault secret manager. (PL-31646, ZD-40401)
A code enhancement has fixed this issue.
The enterprise HashiCorp vault's namespace feature does not delete secrets. (PL-31456, ZD-39470)
A code enhancement has fixed this issue.
User alerts are enabled even when notification preferences are disabled. (PL-31144)
A code enhancement has fixed this issue.
Recently added roles are not displayed in the manage role bindings settings. (PL-30560)
A code enhancement has fixed this issue.
Secrets and connectors have different YAML views. (PL-27721)
UI enhancements have fixed this issue.
A chained pipeline fails to run because the user cannot enter the codebase branch. (PIE-8720, ZD-40821)
A code enhancement has fixed this issue.
A pipeline becomes unresponsive when invalid YAML is pasted in the run pipeline form. (PIE-8668)
The issue has been fixed by adding a check for invalid pipeline YAML when pipeline is added via the YAML pipeline studio.
The table view on the pipelines list page is reset to page 1 when a pipeline is deleted. (PIE-8572)
A code enhancement has fixed this issue.
Pre-flight check does not work with selective stage execution and pipeline YAML validation fails. (PIE-8476)
Users can now skip or select pre-flight checks and the pipeline runs successfully.
After pipeline failure, the console view does not show error details. (PIE-8229)
A code enhancement has fixed this issue.
The API to retrieve filtered pipeline executions does not return executions that are successful in the UI, but failed in the backend. (PIE-8042)
A code enhancement has fixed this issue.
Important announcement
The following API endpoints have been deprecated:
- https://apidocs.harness.io/tag/Harness-Resource-Group#operation/createResourceGroup
- https://apidocs.harness.io/tag/Harness-Resource-Group#operation/deleteResourceGroup
- https://apidocs.harness.io/tag/Harness-Resource-Group#operation/getResourceGroup
- https://apidocs.harness.io/tag/Harness-Resource-Group#operation/getResourceGroupList
- https://apidocs.harness.io/tag/Harness-Resource-Group#operation/getFilterResourceGroupList
- https://apidocs.harness.io/tag/Harness-Resource-Group#operation/updateResourceGroup
The following API endpoints must be used:
- https://apidocs.harness.io/tag/Harness-Resource-Group#operation/createResourceGroupV2
- https://apidocs.harness.io/tag/Harness-Resource-Group#operation/deleteResourceGroupV2
- https://apidocs.harness.io/tag/Harness-Resource-Group#operation/getResourceGroupV2
- https://apidocs.harness.io/tag/Harness-Resource-Group#operation/getResourceGroupListV2
- https://apidocs.harness.io/tag/Harness-Resource-Group#operation/getFilterResourceGroupListV2
- https://apidocs.harness.io/tag/Harness-Resource-Group#operation/updateResourceGroupV2 (PL-31211, ZD-37398)
March 08, 2023, version 78619
What's new
Sorting functionality is available on the triggers listing page. (PL-31530)
You can sort triggers according to the following:
- Name
- Creation date
The List User Groups API now supports
INCLUDE_CHILD_SCOPE_GROUPS
as an additional filter type value. (PL-31353)This filter allows API responses to include child-scoped user groups.
You can now access your account immediately after resetting your password. (PL-30878)
You can configure the HashiCorp Vault connector to use AWS Auth authentication without providing
X-Vault-AWS-IAM-Server-ID
. (PL-30628, ZD-36826,39745)It is now an optional field.
In the execution view, failed stages are now sorted before success stages when parallel stages are used. (PIE-2518)
This makes it easier to choose failed stages.
The feature flag
FF_ALLOW_OPTIONAL_VARIABLE
now lets you make runtime variables optional in pipelines and stages. (PIE-8209)
Early access
This release does not include any early access feature.
Fixed issues
The encryption type for GCP Secrets Manager in the Terraform plan step is incorrect. (PL-31684,ZD-40381)
The encryption type is correct now.
The execution of a chained pipeline with triggers fails with the error "User is not authorized". (PL-31594,ZD-39808,39954,40294,40337,40662)
A code enhancement has fixed this issue.
There is a conflict between the schema names for
InviteDTO
andSecretManagerMetadataRequestDTO
, causing an issue with Terraform Provider. (PL-31626)Renaming the schema name of
SecretManagerMetatadataRequestDTO
has fixed the issue.During search, an incorrect message is displayed in the pipeline chaining selection window if no pipeline matches the selection criteria. (PIE-8526)
The message now includes information about the scope and repository.
On the Input Sets page, the Clone option is disabled. (PIE-8373)
The option has been removed.
February 23, 2023, version 78507
What's new
The new delegate installation wizard is now generally available. (PL-31305)
You also have the option to revert to the previous installation method if desired.
A warning message now appears in the UI when you delete a project or organization. Deletions require confirmation from the user. (PL-31292)
This enhancement prevents the accidental deletion of important projects or organizations and provides an extra layer of caution for users.
The entities reference page has been improved to provide detailed information about each reference. (PL-31247)
The following details were added to the existing reference pages:
- Date or timestamp
- Name and type of entity
- Scope of reference
These enhancements provide comprehensive information about each reference.
Sorting functionality is available on the project listing page and the project selector dropdown. (PL-27493) With this enhancement, you can easily sort and find projects you need and organize them according to your preferences.
You can now change stages without losing the values you enter in the Run Pipeline form. (PIE-4663)
Early access
This release does not include any early access feature.
Fixed issues
HTML injection occurs due to a lack of server-side validation. (PLG-657)
Server-side validation now occurs.
The UI does not display an error message when the referred connector in infra does not exist.(PL-30130)
An enhancement to the error-handling system enables an error message to appear when the connector API fails.
The warning corresponding to permissions does not display properly in organization settings. (PL-31278)
An enhancement to the width of the warning fixed the issue.
Removing the default value from a variable in a service results in the addition of
.nan
as the default value in the YAML. (PIE-8129)In the absence of a value, the default value is now removed from the YAML.
February 15, 2023, version 78421
What's new
The Redisson client library has been upgraded to version 3.17.7 across all services for enhanced performance and bug resolution. (PL-31136) This update will not affect any business operations.
The Role Assignment API now includes the principal's name and email address in the response.(PL-31064, ZD-36050)
Harness now supports the integration of GCP Secrets Manager for all users. (PL-31051)
For more information, see Add a Google Cloud Secret Manager
There is a limit on the number of entities that can be created for FREE and COMMUNITY users in Harness. (PL-30838)
Following are the entity creation limits:
- Project - 100
- Secrets - 100
- Variables - 100
- User groups -100
- Service accounts - 100
You can now add policy sets under the Advanced section of each step. (PIE-7794)
In this way, you can validate step outputs generated during pipeline execution without explicitly requesting a payload. Policy sets receive the steps and their outputs as payloads, with a pre-defined schema for every step.
Accessing the CD module redirects you to one of the following:
Get Started: If you don't have any pipelines in your project.
Deployment list page: This is the default selection page. (PIE-7625)
Early access
No early access features are available in this release.
Fixed issues
The Remove option is disabled for the first user added to a user group through SCIM. A code check prevents the deletion of a user from a user group if the user is externally managed. (PL-31125, ZD-39358)
This issue has now been resolved and users can now remove any user from a user group created through the Harness UI.
Deletion of externally managed users from organizations and projects is disabled. (PL-31104, ZD-39109,39110)
A code enhancement has fixed this issue.
Capitalization of user emails in SCIM impacts SAML authentication. (PL-31038)
A code enhancement has fixed this issue.
When trying to delete or update an externally managed user group in Harness, the error message is unclear. (PL-30641)
It has been enhanced to "User is externally managed by your Identity Provider and cannot be deleted via UI / API. To delete the user from Harness, delete it from your Identity Provider."
The default secret manager does not appear in the Secrets Manager list when there are more than 100 secret managers.(PL-29635)
A code enhancement has fixed this issue. The default secret manager is now displayed if you enter its name in the Secrets Manager field.
Deletion of vault connectors does not delete the corresponding perpetual tasks. (PL-27621)
A code enhancement has fixed this issue.
When using Firefox, the YAML Difference is not displayed in the audit trail summary. (PL-25659)
A change in the configuration to load the web workers fixed this issue.
When the pipeline is not saved in the default branch in Git, the retry pipeline does not work. (PIE-8132)
A code enhancement has fixed this issue.
In pipeline execution, the YAML builder does not support read-only operations and throws an error. (PIE-8040)
A code enhancement has fixed this issue.
The pipeline execution details page does not have a View Compiled YAML option.(PIE-7967)
This option is now available on the execution page.
Creating an input set results in an error. (PIE-7849, ZD-39180,39240,39250)
A code enhancement has fixed this issue.
February 6, 2023, version 78321
What's new
The pages in app.harness.io autofocus the search input box by default. (PL-30656)
This results in a seamless search experience.
Entities in Harness can now have
/
for the Name. (PL-29929)Looping strategies, including matrix and parallelism strategies, are no longer behind a feature flag. (PIE-5010)
Early access
- You can delete a user provisioned in Harness through SCIM in NextGen and retain the user in FirstGen by enabling the feature flag
PL_USER_DELETION_V2
. (PL-23577)
Fixed issues
In the SCIM API, the Groups endpoint returns all the user groups associated with an account. The ResourceTypes endpoint also returns incorrect information. (PL-30862)
A code enhancement has fixed this issue. The Groups endpoint returns only externally managed user groups and the ResourceTypes endpoint returns details as per the schema.
The user group details page in the project and org scope does not display correctly when opened using the Open in new tab option. (PL-30911)
An enhancement to the code has fixed this issue.
The email update for SCIM users does not work. (PL-30439)
A code enhancement to support user metadata updates has fixed this issue.
Force deletion of a secret used for the creation of a secrets manager throws an incorrect error. (PL-29983)
This has been fixed by displaying the appropriate error message.
Pipelines with input sets and triggers chained together do not display input set fields correctly. (PIE-7681)
An enhancement to the code has fixed this issue.
If an execution has a matrix strategy, the text on the pipeline execution page overlaps. (PIE-7429)
An adjustment to the height of the matrix wrapper has fixed this issue.
API PUT operations for Bitbucket SaaS and on-prem connectors return an incorrect status code when there are no changes. (PIE-6230)
A modification to the error message to display an appropriate explanation of the error has fixed this issue.
January 17, 2023, version 78214
What's new
This release introduces a dedicated release notes page for Harness Delegate — SaaS. You can find release notes for the NextGen delegate at Delegate.
Early access
No early access features are available in this release.
Fixed issues
The Harness APIs return a status code of HTTP 400 instead of HTTP 401 for an invalid or expired token. (PL-30757, ZD-38494,38547)
An enhancement to the code has fixed this issue.
The project selector component selects multiple projects with the same project name across different organization IDs.(PL-30663)
The project selection code has been enhanced to select projects corresponding to specific organization IDs.
The error message displayed when creating the GitHub connector and selecting Harness Platform as the connectivity option is not clear and informative. (PL-29953)
Modifying the error message to indicate that the secret manager being used is not Harness' built-in secret manager fixed the problem.
January 10, 2023, version 78105
Delegate version: 78100
Important announcements
Update repository references to the NextGen Helm delegate
The location of the repository that contains the NextGen Helm chart is changing. Change your references to the repository location from https://app.harness.io/storage/harness-download/delegate-helm-chart/ to https://app.harness.io/storage/harness-download/harness-helm-charts/. Updates to the chart will not be made to the deprecated repository.
The following role-assignments are removed for all the existing users across all the accounts:(PL-28848)
- Account Viewer - All Account Level Resources: This was a role-assignment within the account scope and has been removed for all the users.
This does not apply in the following scenarios:
- If an account has enabled the feature flag
ACCOUNT_BASIC_ROLE_ONLY
. - If an account does not have the Account Viewer - All Account Level Resources role-assignment for the built-in user group
All Account Users
.
- If an account has enabled the feature flag
- Organization Viewer - All Organization Level Resources: This was a role-assignment within the organization scope and has been removed for all the users.
- Project Viewer - All Project Level Resources: This was a role-assignment within the project scope and has been removed for all the users.
For more information, see Built-in user groups
What's new
Secrets and connectors now have a character limit of 128 for the Name and ID fields. (PL-29887)
The Role-Assignments API now fetches role assignments by scope. (PL-29496, ZD-36050) This helps you keep a track of the role assignments within a specific scope.
The repository location of the Helm chart for the NextGen delegate is changing. (DEL-5576)
The repository is being deprecated. Updates to the chart will not be made to https://app.harness.io/storage/harness-download/delegate-helm-chart/ and will not be available from that location. To ensure retrieval of the most recent Helm chart, update your repository references to https://app.harness.io/storage/harness-download/harness-helm-charts/.
Early access
No early access features are available in this release.
Fixed issues
Inline selection does not display connectors and secrets according to their scope. (PL-30655)
An enhancement in the pre-select logic has fixed this issue.
In spite of selecting Start TLS in the UI, the SMTP configuration does not support StartTLS. (PL-30574)
A code enhancement has resolved this issue.
The Get Resource Group API returns an HTTP 200 response code when an entity is missing. (PL-30236)
This has been fixed, and the API now returns an HTTP 404 response code if an entity is missing.
Editing a connector through connector selection does not automatically select it. (PL-28175)
Enhancing the connector selection component logic to pre-select the connector in the list if it is in edit mode fixed this issue.
Unauthorized user login to a Harness account displays a white label error. This happens when the account has SAML enabled with restricted email domain access.(PL-15022)
This has been fixed by displaying appropriate error message.
The date format in Pipeline Studio is incorrect. (PIE-7040)
Changing the date format to
DD/MM/YYYY
has fixed this issue.Input sets with expression set fields does not support autocomplete. (PIE-6990)
The addition of pipeline variables context provider to the input set form has fixed this issue.
A hover over the stage does not display the condition details for skipping the stage. (PIE-6987)
A correction to the path used to collect the details has fixed this issue.
- Changed how the NextGen Docker delegate is identified in the delegate section log. The Docker delegate is now identified by the delegate ID, which is the concatenation of
delegateName
anddelegateHostName
. This replaces the use of the delegate name (delegateHostName
), which was usually thecontainerId
value. (DEL-5280)
- Changed how the NextGen Docker delegate is identified in the delegate section log. The Docker delegate is now identified by the delegate ID, which is the concatenation of
Changed the behavior of the delegate dropdown menu. The UI core library was updated to add a parameter that prevents the reset of expanded states when new data loads in a table. This resolved an issue with the dropdown menu collapsing automatically. (DEL-5541)
Fixed a problem that was causing the
kryo
component to fail. The problem was caused when nestedjava.lang.RuntimeException
errors occurred during manager response. (DEL-5609)
2022 releases
December 22, 2022, version 77908
Delegate version: 77802
What's new
API support for discovery of SCIM service provider features and schema. (PL-29069)
Harness now supports the following three HTTP GET API endpoints to facilitate the discovery of SCIM service provider features and schema. These endpoints are defined in SCIM 2.0:
ServiceProviderConfig
ResourceType
Schemas
Early access
No early access features are available in this release.
Fixed issues
Changed how the delegate handles secrets. Multiline secrets are now detected and masked appropriately. (DEL-5510)
Changed the display of delegate version information in Harness Manager to exclude minimum version information for delegates that are not connected. (DEL-5523)
The Create Resource Group API returns an HTTP 500 response code when the included scopes are blank. (PL-30195, ZD-37663)
This has been fixed by adding a null check and throwing a null pointer exception when the included scopes are left blank.
Editing a connector through connector selection does not automatically select it. (PL-28175)
Enhancing the connector selection component logic to pre-select the connector in the list if it is in edit mode fixed this issue.
Entering an invalid value for
tenant_id
does not throw any error and allows selection of previously loaded vaults in Azure Key Vault secret manager. (PL-28136)Displaying an appropriate error message and setting the vault value to empty when there is an error in fetching vaults has fixed this issue.
Searching for email addresses to add users to user groups does not show any results. (PL-27797)
Changing the filter logic to search using the email address as well as the user name has fixed this issue.
The date format in Pipeline Studio is incorrect. (PIE-7040)
Changing the date format to
DD/MM/YYYY
has fixed this issue.Retrying a failed pipeline does not populate the start pipeline dialog with the input values from the previous execution. (PIE-6780, ZD-37648)
Resetting the input set form with values from Formik has fixed this issue.
If the environment details are blank in the deploy stage settings, clicking the Service tab throws an error. (PIE-6240)
Adding backward compatibility for the tabs has fixed this issue.
December 13, 2022, version 77808
What's new
You can now refer to existing secrets of Azure Key Vault, AWS secret manager, and GCP secret manager. (PL-29915)
With this enhancement, you need not create secrets in Harness. You can use expressions to reference the secrets already existing in the mentioned secrets managers. For more information, see Reference Existing Secret Managers Secrets.
You can now use the Git client to commit changes while creating or updating pipelines using Bitbucket on-prem as the Git provider. (PIE-6423)
To do this, enable Use Git client for commits in the default settings at the account scope. Harness checks out the code on the delegate and uses the Git client to make the commits to your Git repository.
Early access
No early access features are available in this release.
Fixed issues
Executing a pipeline with multiple states causes issues and results in incomplete execution. (PIE-6893)
This happens when one of the steps of the pipeline deploys a single service to multiple environments with GitOps.
An enhancement in the logic has fixed this issue and the pipeline now executes completely.
When running a preflight check with an empty field in input sets, the error message displays incorrectly. (PIE-5788)
A correction to the error message has fixed this issue.
December 7, 2022, version 77716
Delegate: 77800
What's new
Securing data through JSON Web Token (JWT) masking. (PL-29019, ZD-32004)
Harness now masks all JWTs in pipelines and delegate logs. This change prevents data leakage risks for the applications running in Harness.
Early access
No early access features are available in this release.
Fixed issues
Provisioning users through SCIM using Okta throws an error. This happens when a user is first staged in Okta and then activated with the Harness app. The GET API for SCIM does not return any result although the user exists in the Harness database. (PL-29702, ZD-36753)
An enhancement in the fetch logic for the GET API has fixed this issue.
The DELETE API for Harness entities does not throw an error when the entity identifier is invalid. The API response code is 200 and the data field in the response is False. (PL-27270)
The API now returns an HTTP 404 response code and an appropriate error message.
The drag-drop feature for nodes on the create node settings does not work. (PIE-6575)
Adding event logic for improved handling of drag-and-drop actions on nodes has fixed the issue. You can now drag-drop a node on a new as well as existing node.
The authorization header in the log streaming request is missing Bearer before the token. This issue causes log streaming to fail. (PIE-6554)
Changing the signature of the authorization header to Authorization: Bearer
<token>
has fixed this issue.Clicking All Events when creating a notification for a pipeline does not select all the events. (PIE-6524)
Selecting all the pipeline events on clicking All Events has fixed this issue. Now the All Events field also has an additional state indeterminate associated with it. The state indicates if all the pipeline events are neither included nor excluded for notifications.
The HTML parsing for pipeline logs takes longer than expected and delays the display of the logs. (PIE-6538)
An enhancement in the parsing technique and the introduction of caching has fixed this issue.
When creating a pipeline, stage, or step, you are allowed to use the $ sign in the name or identifier even though the $ sign is invalid in those strings. (PIE-6078)
A modification to the regex to remove the support for the $ sign has fixed this issue.
November 29, 2022, version 77608
Delegate: 77431
What's new
Platform
Fix to help you identify Harness in your two-factor authentication app. (PL-29563)
The default name of the entry for Harness in two-factor authentication (2FA) apps such as Google Authenticator now begins with Harness_. This change enables you to identify the correct entry, and to therefore use the correct code, for authenticating to Harness. If you configured 2FA for Harness before this change, remove the existing entry and reconfigure 2FA to see the new name.
Direct use of email addresses in v2 APIs for creating and updating user groups. (PL-29018)
You can now use email addresses in v2 APIs for creating or updating a user group. It is no longer required to first fetch the email addresses by using user IDs
You can now create user groups inline when setting up the Approval stage in a pipeline. (PL-28022)
This is helpful when the user group that needs to be sent notifications does not already exist. The scope of the user group is within the project corresponding to the pipeline.
The Harness UI now lists the versions of services in your account settings. To see the versions, go to Account Settings > Overview, and then expand Platform Service Versions. (PL-26581)
Approval messages in Harness approvals can now have expressions in multiple lines. (PIE-6238, ZD-36667,37069)
Harness service variables now support dots (.). (PIE-4613)
This is helpful when you have JSON/YAML files where you want to update the keys with some values. You can define variables for those keys in harness with (.) to access the keys. The expression to access a key would be: <+variables.get("example.key")>
You can now drag the step details section and move it to the desired location. (PIE-3890)
You need not enter the Tags or Description while importing an entity from Git. (PIE-6171)
The corresponding information for these fields are fetched from Git.
Fixed issues
Platform
Adopted the use of an immutable image for the delegate that is installed by default in newly created accounts. For more information on new delegate features including auto-update, see Delegate Overview. (DEL-4888)
When provisioning users through SCIM, users receive two emails: one from FirstGen and the other from NextGen. (PL-29896)
This happens when the account has two-factor authentication enabled and the authentication mechanism is SAML with SCIM. This has now been fixed to send a single email to the provisioned users.
Referencing multiple secrets by using the dynamic secret expression for HashiCorp Vault causes issues. The value of the latest decrypted secret replaces the values of any previously decrypted secret. (PL-29554, ZD-36459)
This has now been fixed and the secrets have the corresponding decrypted values.
The list of environment groups does not appear in the runtime input settings. (PIE-6411)
This has now been fixed and the list of environment groups is available in the runtime input settings.
When the length of a variable expression is more than 2048 characters in a pipeline, saving the pipeline takes longer than expected. (PIE-6291, ZD-36820)
Simplifying the regex for the variable value expressions has now fixed this.
Clicking Run in pipeline studio navigates to the input sets section in Run Pipeline window. This happens even when you have no runtime inputs for a Pipeline.(PIE-6264).
This has now been fixed. If a pipeline does not need any runtime inputs, clicking on Run starts the pipeline execution.
Service V2 does not resolve the infrastructure definition parameters passed from the triggers. (PIE-6155, ZD-36720)
When a trigger invokes a pipeline, the YAML definition of the trigger and the corresponding pipeline with runtime inputs are merged. In YAML files with a single node element, the infrastructure definition is not processed on the triggers and is not passed as a runtime value.
This has now been fixed. The YAML processing on triggers now takes care of processing the single node elements and propagates the value to the respective pipeline.
The frequency of polling to fetch the pipeline execution list is 20 seconds. Such a long polling interval means that the data fetched by one poll goes stale before the next poll. (PIE-6151)
This has now been fixed by increasing the polling frequency to every 5 seconds.
The Save as New Input Set settings does not close after you save the details. (PIE-5708)
This issue occurs when you run a pipeline that requires runtime input sets. This has now been fixed and the Save as New Input Set settings close after you save the details.
Selecting an event as Merge Request, the default selection for Build Type is not correct for GitLab webhook triggers.(PIE-5117) This has now been fixed by changing the default selection for Build Type to Git Pull Request for the Merge Request event.
November 11, 2022, version 77433
Delegate version: 77431
What's new
Platform
You can now send email notifications to all the members of a user group by selecting the Send email to all users part of the user group option.(PL-29434, ZD-32444)
For existing user groups, this is the default option.
The organization filter selection on the project listing page will now persist across user sessions and page navigations.(PL-29292) You can now see the versions of the services in Account Overview in Platform Service Versions.(PL-26581)
Early access
You can now create secrets using the Google Cloud Secret Manager in Harness. (PL-28978)
For more information, see Add a Google Cloud Secret Manager.
You can now select modules and configure your own navigation in Harness. (SPG-153)
Also, Projects is a new option in the left navigation. Click Projects to view the project-specific overview, pipeline, connector, and other details.
Fixed issues
Custom Dashboards
A bug causing some Dashboards to be displayed incorrectly based on their Feature Flags has been fixed. Dashboards are now correctly shown or hidden by their corresponding Feature Flags. (CDB-390)
Users previously were able to only clone Dashboards either from the "Out Of The Box" Dashboards, or from folders where they had an EDIT permission assigned. Now, if the user has any folder in which they have the EDIT permission assigned, they can clone any available Dashboard into that folder. (CDB-415)
Dashboard alerts and schedules will now run at the specified time in the users local timezone. (CDB-434)
Platform
Fixed critical vulnerability CVE-2022-42889 in the delegate image.
Introduced vertical scaling capabilities for non-legacy delegates. The Xmx flag that specifies the maximum memory allocation for the Java process is set to 70% of the container allotment. (DEL-5150)
Enhanced the information on delegate creation and listing in the delegate installation pages. (DEL-5098)
When clicking Save in the Default settings, error messages do not appear for the radio buttons and checkboxes. (PL-29489)
Introducing formik fields and external error message components for the non-formik fields has fixed this issue.
Harness Audit Logs API is returning an incorrect error for an expired token. (PL-29425, ZD-36045)
The API response now returns the correct error when the API token is invalid or expired.
User Invite Auto Accept is not working when Oauth is enabled and the feature flag AUTO_ACCEPT_SAML_ACCOUNT_INVITES is enabled. (PL-28807)
Removing the SAML condition for Auto Invite Accept has fixed this issue.
Re-run Pipeline is not working as expected. (PIE-6134)
This issue has now been fixed by checking if the values of the variables are missing from the variables map.
When running the pipeline, the primary artifact source is not auto-selected and tags and buckets are not fetched. (PIE-6084)
This issue has now been fixed.
When clicking outside the step settings, there is no option to Apply Changes or Cancel. (PIE-4428)
This issue has now been fixed.
November 6, 2022, version 77317
What's new
Platform
The option to disable Harness Secret Manager is now a part of the core settings in Account Default Settings. (PL-27160)
Early access
Platform
You can now get optimized performance on remote pipelines if you are on delegate version 772xx or higher, by enabling the feature flag USE_GET_FILE_V2_GIT_CALL . (PL-29459)
If you are on an older delegate version, you can upgrade your delegate and then enable the feature flag for optimized performance.
Fixed issues
Platform
The scope of a newly created connector in the account scope was incorrect. When a user tried to use a connector in the account scope, the project scope was displayed. (PL-29190)
This has now been fixed to pick the scope information from the connector data.
On clicking Import Template in Templates, the title of the settings was Import Templates from Git. (PL-29094)
The title of the settings is now Import Template from Git.
Users were receiving two 2FA emails when the feature flags AUTO_ACCEPT_SAML_ACCOUNT_INVITES and PL_NO_EMAIL_FOR_SAML_ACCOUNT_INVITES were enabled. (PL-29081)
This has now been fixed to restrict notifications with 2FA QR code emails to just one.
Editing secrets in Azure Key Vault with minimum permissions was failing. (PL-29025)
The Default Settings in the project scope displayed side navigation options for the account scope. (PL-28977)
Harness now displays the scope-specific side navigation options while on the Default Settings.
Audit logs were not generated when the authentication mechanism was changed. (PL-28680)
No audit logs were available when the authentication mechanism was changed from:
SAML to LDAP and vice versa
User name and password to OAuth and vice versa
This has now been fixed so that Audit logs are available for changes in the authentication mechanism.
On creating a connector inline in the Pipeline studio, the connector was not listed in the connectors list and was not selected by default. (PL-27819)
This has now been fixed so that the connector list refreshes and selects the inline connector by default.
While editing a connector in the account scope, users were able to select secrets at the organization and project scope. (PL-25825)
This has now been fixed to display secrets in the parent scope while editing a connector.
The user was able to delete a Secret Manager in Harness after disabling the Harness Secret Manager. (PL-23148)
Harness now checks if there is at least one active secret manager before deleting a secret manager while the Harness Secret Manager is disabled.
On the secret details page, there was no option to delete the secret. (PL-15045)
This has now been fixed to provide options to edit and delete a secret from the secret details page.
In the Pipelines, when the commit message was left blank, the Pipeline Execution History threw an exception. (PIE-6017)
This has now been fixed so that the Pipeline Execution History displays execution details.
The Run pipeline YAML with K8s Apply step was incorrect when the input set data was undefined. (PIE-5998)
This has now been fixed to pick the input set data from the parent component. Also, all fields path are now updated at runtime.
In a Pipeline with input sets, the specified delegates were ignored while merging the input sets. (PIE-5879, ZD-35813)
This has now been fixed to pick the delegates corresponding to the delegate selectors.
In Pipeline Triggers, deleting variables from the YAML caused inconsistent behavior. (PIE-5737, ZD-35537)
This has now been fixed to enable the deletion of variables from the YAML by fetching the base values from the Templates.
The display of detail information for immutable delegates version 76300 and earlier was changed to indicate that autoUpgrade is OFF. These delegate versions do not include the autoUpgrade feature. (DEL-5096)
October 21, 2022, version 77221
Delegate version: 77221
What's new
Platform
The method that the log streaming task client uses to create threadpools was modified. Threadpools are now created one time in the client's lifetime instead of being created for each task the delegate receives. (DEL-4328)
You can now import Templates from your Git repo. (PL-28597)
Fixed issues
Platform
Users were receiving two 2FA emails when the feature flags AUTO_ACCEPT_SAML_ACCOUNT_INVITES and PL_NO_EMAIL_FOR_SAML_ACCOUNT_INVITES were enabled. (PL-29081)
This is now fixed by restricting notification with 2FA QR code email to just one.
Editing secrets in Azure Key Vault with minimum permissions was failing. (PL-29025)
Some fields were missing in the GET Pipeline CRUD endpoint. (PL-28918)
The status code for GET API was incorrect when the role assignments were absent. (PL-28779)
When 2FA was enabled in the Account scope, the user invitation emails did not contain a 2FA token. (PL-28549)
The conditional skip option in the Pipeline Studio was not displayed consistently across various browsers. (PIE-5712)
This is fixed by making the skip icon SVG as
October 18, 2022, version 77116
Delegate version: 77021
What's new
Platform
The functionality of the delegate auto-upgrade components was enhanced. On installation, the AutoUpgrade feature displays a status message of Synchronizing. If the feature does not receive an API call from the upgrade within 90 minutes, the status message changes to OFF. This affects delegates that are installed with the upgrader components.
A loader is now displayed on click of Run Pipeline to indicate that the Pipeline is running. (PIE-5396)
Early access
N/A
Fixed issues
Platform
No precedence was set when the auth mechanism was username and password and the feature flag PL_NO_EMAIL_FOR_SAML_ACCOUNT_INVITES was enabled. (PL-28739)
This is now fixed by adding a check to ensure the auth mechanism of username and password takes precedence.
Deleting a Project was not deleting the referenced secrets. (PL-28613)
This is fixed by deleting the secrets corresponding to a deleted Project.
The repo name was null in the file path URL for Bitbucket On-Prem account level connector. (PL-28533)
The hard delete for environment was not working as expected. (PL-28403, ZD-34833,35135)
The audit trail displayed for vault _authTokenRef secrets was not correct. (PL-26764, ZD-32596)
This is fixed by not storing any dummy secret if the feature flag DO_NOT_RENEW_APPROLE_TOKEN is enabled for the vault app role.
User was not able to edit the barrier name in the Pipeline's flow control section. (PIE-5621)
October 7, 2022, version 77025
Delegate version: 77021
What's new
Platform
You can now use a readOnly vault as a default secret manager. (PL-24491)
The console colors are now updated for better readability. (PIE-4369)
Early access
Platform
You can now create remote Templates in Harness and save it in your Git repo by enabling the feature flag NG_TEMPLATE_GITX. (PL-28573)
For more information, see:
You can now use expressions to reference pre-existing secrets in Vault using a fully-qualified path. (PL-28352)
For more information, go to Add a HashiCorp Vault secret manager.
Harness will now send email notification for user invites when the feature flag AUTO_ACCEPT_SAML_ACCOUNT_INVITES is enabled. (PL-26218, ZD-32152,35287)
Harness will not send any emails for user invites when the feature flag PL_NO_EMAIL_FOR_SAML_ACCOUNT_INVITES is enabled.
Fixed issues
Platform
Introduced a new method for the Docker delegate to provide proxy configuration. This method provides additional support for scenarios in which delegates running on VMs experience difficulties referencing Kubernetes secrets. (DEL-4813)
Changed the UI to ensure the correct API was invoked. This corrects a functional problem that involved the Add Delegates list. (DEL-4833)
User invites were not sent for the configured SMTP. (PL-28208)
This is now fixed by creating SMTP in Next Gen.
Incorrect auth mechanism was displayed when switching from LDAP to username password. (PL-27887)
Incorrect error message was displayed when the Project or Org or Account name did not exist in the APIs. (PL-27587, ZD-33846)
September 29, 2022, version 76921
Delegate version: 76810
What's new
Platform
The method that the log streaming task client uses to create threadpools was modified. Threadpools are now created one time in the client's lifetime instead of being created for each task the Delegate receives. (DEL-4328)
UI changes were implemented to support enabling or disabling Delegate run-as-root capabilities. (DEL-4836)
When NG LDAP authorization is 'disabled', all LDAP SSO-linked Harness User Groups don't sync in NG. They sync with the users from LDAP when the LDAP settings have authorization enabled. (PL-27954)
Early access
N/A
Fixed issues
Platform
The INIT_SCRIPT was changed to correct an issue that changed behavior. The issue was triggered with the use of the set -e command. (DEL-4898, ZD-34654)
The Default value column is not yet available to users, but the column was added to the user interface. (PL-28215)
Now, the Default value column is removed from the Variables list page since you can't provide a default value.
The field Variable on the Accounts and Organization pages wasn't consistent with the rest of the pages. (PL-28214)
The issue is fixed by removing the Validation text in the Variables form and replacing it with a simple text box and a tooltip that specifies 'Only Fixed Values' are supported in Scope Variables.
The error message displayed by GCP KMS was generic and not useful. (PL-28103)
Now, the error message displays details such as the error code, reason, etc., that would aid in resolving the issue causing the error.
When you enter invalid credentials, the Microsoft Azure Vault client authentication exception was logged, but not considered as an error, and proceeded to the next step where the execution failed. (PL-28017)
Now, this issue is fixed. The exception is logged as an error and doesn't proceed further.
The error message displayed when a Microsoft Azure Vault encryption failed was generic and not meaningful.
Now, the error message displays details such as the error code, account ID, secret name, etc., that would aid in resolving the issue causing the error.
September 22, 2022, version 76817
What's new
Platform
Harness Manager was changed to remove the edit and details UI for Immutable Delegates. These Delegates cannot be changed. (DEL-4756)
A migration will run to remove the following role bindings directly assigned to users for accounts having ACCOUNT_BASIC_ROLE turned ON (PL-28284):
- At Account Scope, Account Basic/Account Viewer -All Account Resources.
- At Organization scope, Organization Viewer - All Organization Resources.
- At Project Scope, Project Viewer - All Project Resources.
Harness now has a built-in user group at each scope. These groups have all the users at the respective scope as their members. As a part of this change, Harness will stop assigning any roles to the User Groups by default. Users can assign roles to the built-in User Group at a specific scope, which becomes the default role for all the users in that group. (PL-26145)
Early access
N/A
Fixed issues
Platform
Harness Manager UI was updated to ensure that Delegate version and associated information clarifies the difference between older immutable and legacy Delegates. (DEL-4826)
There was no limit on the number of visible execution stages shown. (PIE-5320)
This is fixed by adding a limit of showing 3 executions.
September 14, 2022, version 76708
What's new
Custom Dashboards
You can now use forecasting on your dashboards to help you create data predictions. (CDB-351)
Platform
The versioning scheme for the Immutable Delegate was changed from 1.0.
<build_number>
to year.month.<buildNumber>
. (DEL-4338)Expiration was added for Immutable Delegate images. These images will now expire after three months. (DEL-4377)
Login Settings is now renamed to Authentication Settings in Audit Trail. (PL-28048)
You can now view your unsaved changes in the Pipeline Studio by clicking on Unsaved Changes. (PIE-5281)
Early access
N/A
Fixed issues
Custom Dashboards
The Recently Viewed option for sorting dashboards was not functioning correctly. This has been fixed so that the most recently viewed dashboards now appear in the correct order. (CDB-314)
When using a vanity URL, some dashboards were linking to the Harness URL instead of the vanity one. This has been fixed and your dashboards now link to your correct URL. (CDB-355)
Platform
The Vault Renewal Perpetual Task corresponding to a deleted Vault Secret Manager was not getting deleted. (PL-27952)
First Gen login Audit Events were being captured in Next Gen Audit Trail. (PL-22435, ZD-26366)
Create via YAML Builder did not have a cancel option. (PL-20197)
Git Management options were not displayed for Feature Flags. (PIE-5292)
This was because it was using a Project level flag that was replaced. This is now fixed by using the replaced flag.
The links for information on Looping Strategies was redirecting to incorrect docs. (PIE-5266, ZD-34311)
This is fixed by updating the appropriate doc links.
Pipelines
Git Management option was not available for Feature Flags. (PIE-5292)
The link to the Looping Strategies doc was not correct. (PIE-5266, ZD-34311)
Create/edit Triggers for Pipelines with Fixed Values was resulting in errors. (PIE-5242)
The Pipeline variables were being added to the runtime variables and were getting reset. This is fixed by filtering the Fixed Values.
Pipelines with multiple parallel stages were not rendered as expected. (PIE-5018, ZD-33844)
Errors were encountered while executing a Pipeline after saving Input Sets to a new branch. (PIE-4981) This is fixed by by disabling the Commit to a new branch option for Input Sets.
Important Announcements
Platform
Harness now has a built-in user group at each scope. These groups have all the users at the respective scope as their members.
As a part of this change, Harness will stop assigning any roles to the User Groups by default.
Users can assign roles to the built-in user group at a specific scope, which becomes the default role for all the users in that group.
September 7, 2022, version 76619
What's new
You can now inherit User Groups created at a higher scope by using Assign Roles. (PL-27237)
You can now view the past 10 executions of the Pipelines and sort them from the table. You can also go to a specific execution by clicking on it. (PIE-4903)
Early access
You can now create a Harness Custom Secret Manager in Next Gen. (PL-25545)
You can onboard any secret manager with Harness and reference their secrets in Harness using a Shell Script.
This is behind the feature flag CUSTOM_SECRET_MANAGER_NG.
See Add a Custom Secret Manager.
Fixed issues
Fixed the display of an error message in the UI. The error message was not properly displayed when a pipeline selector was added using invalid characters. (DEL-4755)
The Description of User Groups in Access Control was not wrapped and was resulting in inconsistent UI. (PL-27733, ZD-34043)
Error was thrown when importing a Pipeline from Git which was already in use. (PL-27598)
This is fixed now by displaying a confirmation message.
Pipeline was not being triggered while setting up a trigger for a Bitbucket repo. (PIE-4827, ZD-33190)
This is fixed by fixing the order of commit hashes being passed from delegate to SCM service.
August 31, 2022, version 76515
What's new
Git Experience in Next Gen is now enhanced and simplified. (PL-26339)
See Git Experience.
You can now switch branches directly from the Pipeline execution history. This will make it easier to switch branches straight from execution history rather than going to the Pipeline studio first and then returning to execution history. (PIE-4985)
Early access
No early access features are available in this release.
Fixed issues
Email notification for approval was not to SCIM groups with "_" in the group name. (PL-26457)
Multiple error toasts occurred when there was network failure because the error toast condition was at the component level, hence getting re-rendered every time. (PIE-5019)
Users without appropriate permissions were able to create Pipeline and add Stage and Steps. (PIE-5008)
The Add Stage and Add Step options are now hidden for users with View permission.
The existing Input Sets were not getting updated. (PIE-4855) To fix this, Save as Input Set is changed to Save as New Input Set to indicate the correct behaviour.
August 25th, 2022, version 76425
What's new
Now you can add up to 50,000 users in paid plans. The limit remains at 1,500 for free plans and Harness Community Edition accounts. (PL-27300)
See Manage users.
You can now use an enhanced Git Experience. (PL-26339)
See Harness Git Experience Overview.
Harness will continue to support users who have been using the old Git Experience.
Early access
N/A
Fixed issues
Error messages were not displayed while creating a HashCorp Vault Connector. (PL-27383)
This was happening for App Role based login because the value of the namespace was not sent as part of the vault config.
As a part of this fix, the namespace value is now added.
Errors were blocking users from creating a secret even after clicking the back button and updating the correct values. (PL-26169)
This is now fixed by sending the updated data when the back button is clicked.
Unsaved changes were retained even after clicking Discard in the Pipeline Studio. (PIE-4880)
The loading indicator was not displayed when filters were applied. (PIE-4829)
The resource constraint endpoint returned an empty response when the Pipeline Service threw an exception.
Now the case is handled and the response is returned as expected. (PIE-4727)
August 18th, 2022, version 76319
What's new
The versioning scheme for immutable Delegates was changed from 1.0.
<build_number>
to year.month.<buildNumber>
. (DEL-4338)ReactDOM unstable_bacthedupdates will now be used for batch updates. (PIE-4555)
Early access
N/A
Fixed issues
Changed error messaging for NextGen task failures to display a specific error message, if one exists. These errors usually occur when there is no available Delegate to perform a task. (DEL-3933)
The creation of the HashiCorp Vault Connector was failing. (PL-27140, ZD-32981)
The alignment of the Import Pipeline option was not correct. (PL-26644)
The error type was not correct for an empty encrypted file name or Id. (PL-25268)
Polling was not working at regular intervals. (PIE-4751)
Triggering a Pipeline was throwing an error. (PIE-4680, ZD-33179,33187)
August 8th, 2022, version 76128
Delegate Version: 76128
What's new
You will now see a quicker account load when attempting to switch accounts. (PL-21667)
Early access
N/A
Fixed issues
Fixed an issue with the INSTALL_CLIENT_TOOLS_IN_BACKGROUND environment variable that prevented detection of client tools when download was disabled. (DEL-4246)
Kubernetes Auth method for Vault connector was not functioning. (PL-26919, ZD-32763)
Repo details were displayed while running a Pipeline with Input Set. (PL-26706)
The Input Set error experience did not show the error response that were received from the back end. (PL-26686)
Kubernetes Auth Endpoint was displayed even if the authentication type was Vault Agent. (PL-26600, ZD-32625)
Email notifications were not sent for approvals. (PL-26457, ZD-32444)
Connector status was not displayed correctly. (PL-25666)
Appropriate error messages were not displayed for AWS Secret Manager. (PL-24942)
Harness Terraform Provider was displaying incorrect error response when a specific Trigger was not found. (PIE-4632)
Tags API did not have formik values wrapped with the Pipeline key. (PIE-4631)
Editing Terraform Var file was throwing an error. (PIE-4618, ZD-32734)
August 1st, 2022, version 76030
Delegate Version: 76127
What's new
Role-based Access Control has been added to Custom Dashboards. To access Dashboards, users now must have the View Dashboards permissions. (CDB-227)
Stream logs' performance has improved. (PIE-4447)
Early access
N/A
Fixed issues
On Custom Dashboards, the filters for Deployments and CG Deployments have been merged into a single Deployments filter tag. (CDB-259)
Git Experience was throwing an error for file updates via Bitbucket. (PL-26564, ZD-32559)
Notification Preference for the SCIM provisioned User Groups was not getting saved. (PL-26324, ZD-32246,32444)
SAML SSO setup was throwing errors. (PL-26303, ZD-32097)
Git Experience was throwing an error while updating Azure Connector in a Project. (PL-26216, ZD-32129)
Deletion of the stage strategy was not working. (PIE-4475)
Selecting selective stages before running a Pipeline was resulting in errors. (PIE-4437)
Adding allowed values for the Timeout field as part of Input Sets was throwing an error in Pipelines. (PIE-3831)
July 20th, 2022, version 75921
What's new
Resource constraint blocking in approval state (PIE-3195)
The infrastructure resource constraint now has the Stage scope to unblock the operations of other Pipelines.
Early access
N/A
Fixed issues
Create File API was not working correctly in Git Experience. (PL-26360)
Branch listing was failing in Git Experience. (PL-26275)
Pipelines were executed even if a wrong selector was passed at the Pipeline level. (DEL-4424)
The Audit Trail for Delegate creation was not captured properly. (DEL-4321, ZD-31813)
July 11th, 2022, version 75829
What's new
Support for the use of secrets for notifications to be sent via the Delegate (PL-22129)
You can now add your notification webhook URLs as Encrypted Texts in Harness and reference them for the following notification methods:
- Slack Notifications
- PagerDuty Notifications
- Microsoft Teams Notifications
For more information, refer to Manage Notifications, Add a Pipeline Notification Strategy.
Improved error messages in the console view for Pipeline execution. (PIE-3915, ZD-31031)
Improved console view for stages. (PIE-3886)
Improved NextGen secret cache to store encryption Details (DEL-4288)
The Secret cache in NextGen has been revamped to store Encryption details. These details are being fetched from NextGen manager via rest API calls from the FirstGen manager, which increases latency during task queuing. With this cache, we will substantially reduce this latency.
Hard Delete Delegates and linked entities when their parent Project or Organization is deleted (DEL-4202)
Delegate entities will be hard deleted on deleting parent Org/Project. Users will be able to recreate these entities with the same identifier.
Remove OVERRIDE_CONNECTOR_SELECTOR (DEL-4159)
Added support for scoping a single Delegate to an Environment, Pipeline, or Stage. For CD pipelines, the option to add Delegate selectors at Pipeline, Stage, and Step group levels is introduced along with the existing Step level and Connector level.
Improved the logic of Delegate token validation to make it more performant. (DEL-3998)
Removed the io_netty_netty dependency from delegates. (DEL-3798)
Early access
N/A
Fixed issues
Sanitization of secrets with trailing spaces was not happening correctly. (PL-25784)
Pipelines with Deploy stage templates are not listed on the Pipelines listing page. (PIE-4298, ZD-29735,32185)
Empty strategy metadata was being added in the parallel stages. Hence, runtimeId was added in the graph instead of setupId. (PIE-4284)
Pipeline Cloning was not listing the current project. (PIE-4279)
The conditional execution icon was not visible on stages in the Execution view. (PIE-4277)
The execution console view was showing parent matrix nodes. (PIE-4271)
Triggers were not deleted on the deletion of the Project when the HARD_DELETE_ENTITIES flag was set. (PIE-4234)
Only the stage variable was getting saved when a user added the Pipeline variable as well as the Stage variable from the variable panel. (PIE-4223)
Rerun form for an already executed Pipeline rendered input set for the previous execution with stale data. (PIE-4222)
Builds page was blocking the entire UI. (PIE-4213)
Overlay InputSet Creation API did not have the correct parameters. (PIE-4210)
The Input set was not showing the YAML file name correctly. (PIE-4202)
Pipeline inputs were not displayed. (PIE-4190, ZD-31636)
Adding a when condition to the step broke the variable view. (PIE-4179)
Service settings were not displayed correctly in the Pipeline studio. (PIE-4108)
YAML Editor was not suggesting stage-specific options like Approval, Deployment. (PIE-3703)
Autocomplete was not displaying the full path of the vars. (PIE-3535)
The Delegate token name was not saved in the Delegate collection. (DEL-4384)
The background task was not running when the user had an expired CG license, even if the NG license was active. (DEL-4309, ZD-31137)
The Docker Delegate troubleshooting screen showed 'kubectl' tips. (DEL-4275)
The Delegate was performing automatic updates while explicitly disabling the ONE security mechanism that was in place to protect the supply chain. (DEL-4153)
The GET Tags API was not returning the Delegate name in the list of tags associated with the Delegate. (DEL-4045)
The Delegate Filter API was not returning an accurate response as per selection for the Status field. (DEL-3427)
Users were not able to install Harness NG Delegate on Apple Laptop (with M1). (DEL-3252)