Feature Requests

Can we have a feature to filter evaluation results of a specific policy?

Allow the Git fetch type (branch or tag) and version to be selected at runtime for manifests defined in a Kubernetes service. Problem Teams deploy lower environments from branches and production from tags. Today, the fetch type is static, making it difficult to use a single service definition across environments. Requested Capability Runtime input to choose branch or tag Ability to pass the version dynamically (for example via pipeline input) Optional fallback logic such as defaulting to tag, then branch if not found Value Enables environment-specific promotion strategies while maintaining a single reusable service definition.

Current Challenge: When using Approval steps in Custom Stages, new pipeline executions automatically reject previous executions that are waiting for approval Moving approvals to CD Stages (as currently suggested) requires individual approval for each service deployment, which is impractical for organizations with 50+ microservices Feature Request: We need a way to implement pipeline-level or global approvals that: Do NOT auto-reject previous pending executions when new executions start Allow a single approval to cover multiple service deployments within the same pipeline execution Maintain the approval workflow integrity without requiring 50+ individual approvals per release

Spinnaker currently cannot discover or cache GCP Regional External HTTP(S) Load Balancers. When these L7 regional load balancers are created in GCP and attached to MIGs, Clouddriver fails to find them and pipelines cannot reference them. Only global HTTP(S) LBs and regional TCP/UDP network LBs are supported today. Impact This blocks regional architectures that require L7 load balancing. Customers must use global LBs, manage LBs outside Spinnaker, or implement manual workarounds. Expected Behavior Spinnaker should detect, cache, and allow pipelines to attach to regional external HTTP(S) load balancers.

Please upgrade OPA engine to v1 in order to support Rego v1 syntax in Harness policies. Release: https://github.com/open-policy-agent/opa/releases/tag/v1.0.0 Announcement: https://blog.openpolicyagent.org/announcing-opa-1-0-a-new-standard-for-policy-as-code-a6d8427ee828 Doc: https://www.openpolicyagent.org/docs/v0-upgrade

When using OCI based helm chart hosted in harness AR, the list of the chart version comes on last created at sort instead of latest first. Ideally, we should display the latest chart first here in this case. Please update this API to display the latest chart first.

When using the Config Files → Copy step with a directory path, the directory structure from the source is not retained at the destination. Instead, all files are flattened into a single target directory. This causes files with identical names to overwrite each other, resulting in loss of configuration data and unexpected behavior. Example: Source directory structure: configs/ └── root/ ├── env1/ │ └── env.properties ├── env2/ │ └── env.properties ├── env3/ │ └── env.properties ├── log4j2.xml └── log4j2.txt After using the Config Files copy step, the destination becomes: env.properties (overwritten multiple times) log4j2.xml log4j2.txt Since multiple env.properties files exist under different subdirectories, they overwrite each other in the destination directory. The original directory hierarchy (env1, env2, env3, etc.) is not preserved.

Impact: Teams would no longer have a way to validate their applications post-deployment. Workaround: There are two. The first is to deploy Harness so that it has direct access to the clusters. We can either do this with or without ArgoCD but the system would have a great deal of access to our clusters and it would potentially dramatically change our cloud platform build process. The second is to maintain the EventRouter component and have that system call back into Harness to invoke a validation pipeline after it sees ArgoCD’s success. This requires us to need to maintain our current code. If we use the system where Harness does not have direct control of the clusters, which matches better with our current architecture, Harness would not immediately have a way to know when a deploy is successful. This is because it would perform a gitops operation (merge a PR) and then it would need to wait for a signal that the operation had completed so that it knew to check to see if the deploy had been successful. Since it doesn’t have access to the cluster there’s no direct interface to know this. Harness would have to implement a way to get a signal back from ArgoCD to trigger it to run the verification, but without having direct access to the cluster.

"Impact: Teams would not be able to deploy their applications without some solution to this problem, even if it is keeping a static set of Helm charts, one per environment. The toil from the maintenance on this approach as well as the potential for cut and paste errors would be high. Workaround: We can continue maintaining the processes and approaches we have outside of Harness to support these use cases, passing in the appropriate Helm charts into the pipelines as needed. Request: We need the ability to parse a hierarchy of values which leverages inheritance to define a set of values that applies to a specific target cluster. These values are injected into Helm templates at or before deploy time to create a valid Helm chart for that specific cluster based on team-defined values. For example, you might have 4 pods in EMEA and only 2 pods in the US. You write your values files in such a way that the system knows that all the Helm charts destined for EMEA clusters use the value 4 and the US clusters use 2.

Impact: Teams will see deployment failures or, worse, see successful pipeline runs that do not act on all applicable targets. This is worse because they will see success but it did not actually succeed completely. Workaround: Similar to above, we can call into Harness pipelines from code we maintain outside of Harness, passing in the appropriate environments. Request: We know Harness supports a static inventory of environment targets. We need to query an API on each pipeline run to get the current status of target clusters and allow teams to define or skip which of these targets should be used via tags or labels. The inventory can change with every pipeline run.