harness - The Modern Software Delivery Platform®
Create
Log in
Home
Feedback
Feature Requests
Log in to your harness - The Modern Software Delivery Platform® account to give feedback
Log In
Boards
Feature Requests
Powered by Canny
Feature Requests
Anonymous
Feature Requests for Harness. Select 'Category' based on the module you are requesting the feature for.
Details
Category
Showing
Trending
Sort
Trending
Top
New
Filter
Under Review
Planned
In Progress
This Fiscal Quarter
Next Fiscal Quarter
Long-term
Pending Feedback
Complete
posts in
All Categories
All Categories
Continuous Delivery & GitOps (1,694)
Continuous Integration (372)
Feature Mgmt & Experimentation (282)
Cloud Cost Management (210)
Feature Flags (96)
Service Reliability Management (9)
Security Testing Orchestration (98)
Chaos Engineering (36)
Software Engineering Insights (109)
General Platform Requests (435)
Internal Developer Portal (109)
Code Repository (39)
IACM (32)
Continuous Error Tracking (13)
Drone 2.x (13)
Open Source (31)
SSCA (12)
Database DevOps (13)
Application and API Posture (0)
Application and API Security (1)
Application and API Protection (0)
Traceable Platform (1)
SBOM & SLSA Attestation/Verification is required for restricted Branches
Hi Team, We are generating the SBOM & SLSA Attestation steps in the pipeline and we don't want to perform attestation for all branches. Instead, we want to do attestation only for release, master, and main branches. This will help us save resources in Artifactory and Vault
0
1
NO_ASSERTION for the internal jars
It would be great if you could map the internal package int he Artifact SBOM so that it would show no assertion on the Harness SBOM page
0
1
Support sub-folder in Harness-Vault connector
Hi Team, The Harness-Vault connector is not capable of pulling keys from subfolders. It would be great if you could add this feature. We are adding subfolder details in the stage variable to fetch the keys.
0
1
Support search based on components and Licenses in policy violations side-car
In policy violations side-car page, search based on components/licenses defined in the violation rules
1
·
under review
1
Severity of the policy set shown in the policy violations dashboard
Severity of the policy set (warn or block) shown in the policy violations dashboard (Pipeline execution summary)
1
·
under review
1
Name of the Policy set should be shown in the policy violations dashboard
The name of the policy should also be shown in the Pipeline execution summary. This helps the team to identify which policy sets were violated
1
·
under review
1
Support timestamping for artifact signing
A best practice for artifact signing is to support timestamping. Timestamping: To ensure the signature was produced within the certificate's validity window, a timestamp is added to the signed artifact. This will allow us to not fail a verification/validation step if the signing material has changed or expired. Without this, we would need to resign the same artifacts.
1
·
under review
1
ScoreCard integration
integrating something like scorecard to help understand potential issues with opensource package dependencies. https://github.com/ossf/scorecard
5
·
long-term
2
Powered by Canny
