July 2024 Summaries
19 posts from Harness
Filter
Month:
Year:
Post Summaries
Back to Blog
Database schema changes present a unique challenge in application delivery, often slowing down the process due to the need for maintaining data integrity, manual processes, and approval bottlenecks. Unlike application code changes, schema changes are complex because they must ensure data consistency, such as when splitting a column into two without losing data. This complexity can be managed by automating the deployment process and integrating schema changes into CI/CD pipelines using tools like Liquibase or Flyway, which help reduce errors and speed up approvals. Additionally, adopting a DevOps approach, where development and database administration teams collaborate closely, can streamline the approval process and ensure early testing of database changes. Poorly optimized schema changes can degrade performance, and manual processes can be error-prone, further complicating the process. Strategies to mitigate these issues include automating deployments, implementing version control for database changes, and fostering collaboration to accelerate application delivery while maintaining database integrity. Stephen Atwell, who leads Harness's Database DevOps product, emphasizes the importance of addressing these challenges and invites participation in refining their solution through a public beta.
Jul 31, 2024
1,501 words in the original blog post.
AWS announced the discontinuation of CodeCommit for new customers, prompting a need for an alternative source code management solution, with Harness Code Repository emerging as a secure, AI-enhanced option that supports seamless integration with CI/CD pipelines and AWS services. When selecting a new SCM, it's important to consider factors such as the developer experience, management, security, governance, and integration capabilities. Harness Code Repository provides a familiar Git experience, robust security features like granular role-based access control, audit trails, and built-in scanning for vulnerabilities, alongside generative AI tools for code search, generation, and pull request summarization. Migrating from AWS CodeCommit involves careful planning of timelines, choosing whether to transition incrementally or all at once, and ensuring the functionality of CI/CD workflows. Chinmay Gaikwad, a seasoned professional in cloud-native solutions and CI/CD pipelines, highlights the ease of integration of Harness Code Repository with various development tools and its feature-rich environment, which can significantly ease the transition to a new SCM.
Jul 31, 2024
873 words in the original blog post.
DevSecOps is an approach that integrates security practices throughout the software development lifecycle, emphasizing collaboration among development, security, and operations teams to build secure applications from the outset. This approach involves "shifting security left," meaning security practices are integrated early in the development process, which helps in identifying and resolving vulnerabilities sooner and meeting regulatory requirements more efficiently. Core principles include making security a shared responsibility across the organization, breaking down functional silos, and enhancing collaboration, all of which contribute to driving better decision-making and optimizing tooling for developer productivity. The DevSecOps toolkit includes CI/CD pipelines, application security scanners, and policy-as-code governance, with AI and automation playing crucial roles. Tools such as Software Composition Analysis, Static and Dynamic Application Security Testing, and Infrastructure-as-Code scanning are employed to manage vulnerabilities effectively. Successful implementation of DevSecOps can lead to a decrease in application security incidents, compliance audit time, and vulnerabilities in production, while increasing deployment frequency and reducing lead time for addressing zero-day vulnerabilities, ultimately aiming for a balance between security and developer velocity.
Jul 30, 2024
1,117 words in the original blog post.
Harness enhances CI/CD pipeline security by integrating automated security testing, secret management, and compliance checks with frameworks like OWASP and SLSA, achieving SLSA L3 v1.0 compliance for secure software delivery. CI/CD practices are crucial in modern software development, allowing for automation and streamlining of the release process, where CI focuses on integrating code changes into a shared repository for early issue detection, and CD automates deployment to production environments. Common security challenges in CI/CD include manual processes, delayed feedback, siloed visibility, inconsistent governance, and complex security management, which Harness addresses through tools like Wiz, Snyk, and Semgrep, as well as AI-driven recommendations. By incorporating security throughout the development lifecycle, CI/CD supports DevSecOps by automating security tests, shifting security left, providing continuous monitoring, and ensuring compliance, thus fostering a collaborative environment where security is a shared responsibility. Harness further supports secure cloud-hosted builds through features like Secure Connect, role-based access control, audit trails, and policy-as-code mechanisms, positioning itself as the only vendor supporting the SLSA L3 v1.0 standard at the time of the writing.
Jul 29, 2024
1,463 words in the original blog post.
Organizations are increasingly under threat from attacks on their software supply chains, making it crucial to implement robust security practices. The complexity of modern application development, involving global teams and numerous open-source dependencies, heightens the challenge of securing these supply chains. Best practices include considering all aspects of the software supply chain, such as code repositories and CI/CD tools, and ensuring security controls are in place. The use of Software Bills of Materials (SBOMs) is essential for managing zero-day vulnerabilities by providing detailed inventories of software components. Governance through policy-as-code helps enforce security and compliance by establishing clear guidelines and guardrails. The Supply Chain Levels for Software Artifacts (SLSA) framework aids in verifying the trustworthiness of software artifacts by ensuring the provenance of software components. Despite the challenges, organizations are making progress with DevSecOps practices, although many are still in the early stages of development.
Jul 28, 2024
1,080 words in the original blog post.
Implementing modern DevOps practices such as canary deployments, feature flags, chaos testing, and automated software delivery pipelines can significantly enhance system reliability and operational stability, as highlighted by Citi's success using Harness Continuous Delivery. These practices help manage the challenges and risks associated with complex vendor ecosystems and multi-cloud environments, as demonstrated by a recent incident with CrowdStrike where a problematic code push caused widespread service disruptions. By adopting strategies like canary rollouts, organizations can identify issues early and reduce disruption risks, while feature flags offer granular control over feature deployments. Automated pipelines help maintain consistent processes, minimizing human error and improving deployment speed, as evidenced by Citi's improved performance and developer satisfaction. Jyoti Bansal, a serial entrepreneur, emphasizes the importance of these practices for maintaining resilience in modern software ecosystems and encourages businesses to proactively manage vendor dependencies to ensure operational continuity and success.
Jul 26, 2024
853 words in the original blog post.
Shift left security is a strategy that integrates security testing early in the software development lifecycle to identify and address vulnerabilities before they escalate into costly issues at later stages. This approach aligns with DevSecOps principles, enhancing code quality and reducing the burden on developers by minimizing the time spent on rework and remediation. By incorporating security measures like static and dynamic analysis early on, developers can address vulnerabilities when the code is still fresh in their minds, thereby improving efficiency. The implementation of shift left security involves assessing current processes, educating teams on secure coding practices, and leveraging tools such as Harness Security Testing Orchestration (STO) to automate and streamline security testing within CI/CD pipelines. STO facilitates this process by integrating with numerous security scanners, prioritizing vulnerabilities, and providing AI-driven remediation guidance, all of which help developers focus on effective fixes without additional workload, ultimately fostering a robust security governance framework.
Jul 26, 2024
1,156 words in the original blog post.
Amid increasing attacks on open-source software dependencies, the Supply Chain Levels for Software Artifacts (SLSA) framework emerges as a crucial tool for ensuring software artifact integrity and trustworthiness. Launched by the OpenSSF in 2021, SLSA provides a structured approach to securing the software supply chain by automatically generating verifiable metadata that aids in policy decisions. The framework comprises four levels, each building upon the last to enhance security, from documenting a package's build process to enforcing cryptographic signatures and build hardening against tampering. SLSA's effectiveness hinges on the verification of attestations, which organizations are expected to perform automatically using trusted tools, ensuring software integrity throughout the supply chain.
Jul 25, 2024
715 words in the original blog post.
Forrester's evaluation of cloud cost management and optimization (CCMO) vendors recognized Harness as a Strong Performer, citing its market-leading features and differentiation in the competitive landscape. The report analyzed 12 significant players using 25 criteria, highlighting Harness's strengths in areas such as Cloud AutoStopping and Cluster Orchestrator, which cater to container-focused companies. In today's digital environment, effective CCMO solutions are essential for managing cloud costs as businesses expand their cloud infrastructure. Harness's recognition underscores its commitment to innovation and excellence in helping businesses optimize cloud spending and align it with strategic objectives. The report emphasizes the importance of CCMO tools in providing visibility, eliminating waste, forecasting costs, and implementing automated strategies to maintain financial health and operational efficiency.
Jul 24, 2024
478 words in the original blog post.
Continuous Integration (CI) is a crucial practice in software development that involves regularly integrating code changes into a shared repository, which triggers automated build and test processes. This approach enables early detection and resolution of issues, enhancing code quality, accelerating release cycles, reducing costs, and increasing customer satisfaction. CI promotes agile development with smaller code changes, fault isolation, faster mean time to resolution, reliable testing, and scalability. It also improves team coordination, transparency, and accountability, while facilitating easier maintenance and scalability as projects grow. Chinmay Gaikwad, an expert in cloud-native solutions and CI/CD pipelines, emphasizes the benefits of CI for creating more responsive and customer-focused development processes.
Jul 24, 2024
718 words in the original blog post.
Harness SCS has introduced Repo Security Posture Management (RSPM) as a new feature to enhance the security of software supply chains by identifying misconfigurations and vulnerabilities in code repositories. Originally focused on mitigating risks from open-source software (OSS) dependencies, Harness SCS now extends its capabilities to code repositories, which are susceptible to attacks due to inadequate access controls and improper configurations. By integrating with major Git providers, the RSPM feature conducts comprehensive scans against industry standards like the CIS Software Supply Chain Security Benchmark and OWASP Top-10 CI/CD Security Risks, allowing organizations to pinpoint security issues and comply with these frameworks. The system provides detailed assessments, lists rule violations, and offers a filterable listing of dependencies, aiming to bolster the security posture of applications' codebases and deployment pipelines.
Jul 23, 2024
809 words in the original blog post.
Software testing is a vital aspect of continuous delivery, ensuring applications' quality, reliability, and performance by integrating various testing methodologies throughout the delivery pipeline. This approach includes functional, non-functional, unit, integration, end-to-end, chaos, exploratory testing, and feature experimentation, allowing teams to identify and resolve issues early, improve software quality, and enhance user satisfaction. Incorporating tools like the Harness Software Delivery Platform, which employs Test Intelligence and quality gates, can optimize testing efficiency and effectiveness. By fostering a culture of quality and collaboration between development and testing teams, organizations can accelerate time-to-market for new features while maintaining high standards. As software development continues to evolve, the role of comprehensive testing strategies in continuous delivery will become increasingly crucial, enabling teams to meet modern delivery challenges effectively.
Jul 23, 2024
1,348 words in the original blog post.
GitOps is a contemporary software development methodology that leverages Git repositories as the definitive source for infrastructure and application configurations, ensuring alignment between the desired state in Git and the actual deployed state through automated processes. This approach integrates Infrastructure as Code (IaC), CI/CD pipelines, and automated deployment, particularly excelling in Kubernetes environments by using operators for automatic reconciliation. The Git repository acts as a centralized platform for storing infrastructure code and applications, enabling version control, collaboration, and automated deployment. GitOps promotes a declarative model, ensuring environments reflect the state defined in the Git repository, reducing the risk of configuration drift. Infrastructure as Code (IaC) is crucial for GitOps, allowing infrastructure management through code and promoting consistency, version control, and automation. CI/CD pipelines automate building, testing, and deploying changes, supporting GitOps by detecting changes in Git, triggering builds and tests, and deploying updates automatically. Kubernetes operators continuously monitor repositories, applying updates to clusters, providing automatic reconciliation, and self-healing if discrepancies arise. Harness GitOps, an AI-powered platform, enhances this approach by offering a centralized console, PR Pipelines for automated promotion and rollback, automated updates of GitOps controllers, and advanced observability, facilitating more robust workflows, reducing operational overhead, and speeding up software delivery. Implementing GitOps workflows can lead to improved consistency, reliability, and efficiency in software delivery, encouraging faster innovation and better customer satisfaction.
Jul 22, 2024
1,331 words in the original blog post.
Migrating Git repositories from Azure DevOps to Harness involves several challenges, such as managing authentication and access control, handling large repositories, ensuring correct dependency management, and replicating build and deployment pipelines. These challenges require careful planning and the application of best practices to ensure a smooth transition. Key strategies include conducting a dependency audit, using shallow cloning for large repositories, and systematically transferring build and deployment components. Harness Code Repository (CR) provides tools and documentation to streamline the migration process, with features such as Test Intelligence and Docker Layer Caching to optimize builds. Dewan Ahmed, a Principal Developer Advocate at Harness, emphasizes the importance of thorough planning, staged testing, and leveraging automation to enhance software delivery capabilities, drawing on his extensive experience in DevOps and software engineering advocacy.
Jul 22, 2024
779 words in the original blog post.
OpenTofu emerges as a compelling alternative to Terraform, particularly after Terraform's licensing shift to a more restrictive model, which increased costs for many users and prompted concerns about vendor dependency. As a fork of Terraform, OpenTofu maintains backward compatibility while committing to a truly open-source framework managed by the Linux Foundation, ensuring transparency and community-driven development. OpenTofu not only preserves compatibility with existing Terraform setups but also introduces new functionalities, such as client-side state encryption and dynamic provider-defined functions, aiming to innovate beyond being just a Terraform shadow project. Major ecosystem players like Oracle and Grafana Labs have transitioned to OpenTofu, highlighting its potential as a robust, impartial, and future-proof Infrastructure as Code (IaC) tool. Its modular architecture encourages the growth of an ecosystem around it, making it a reliable choice for managing cloud application infrastructures at scale while fostering innovation and collaboration within the community.
Jul 10, 2024
879 words in the original blog post.
The Business Alignment report in Harness SEI addresses the challenge many tech organizations face in linking engineering efforts to business goals by offering a clear way to visualize and prioritize these efforts. This report provides engineering leaders and finance teams with tools to categorize work accurately, distinguishing between capitalized tasks like new feature development and non-capitalized tasks such as maintenance. It also offers insights into resource allocation, enabling finance teams to associate costs with specific work categories and generate precise software capitalization reports. By automating work categorization and resource allocation, it reduces manual errors and streamlines financial reporting, ultimately fostering better collaboration between engineering and financial teams. With its ability to connect technical tasks to business objectives, the report aids leaders in optimizing engineering investments and aligning them with strategic growth targets, providing a comprehensive view of work distribution and resource needs across projects.
Jul 09, 2024
804 words in the original blog post.
Harness Chaos Engineering (HCE) simplifies chaos engineering for enterprises by integrating the open-source LitmusChaos project with a comprehensive, free plan that includes features like a cloud-native approach, an extensive fault library, centralized control plane, and native integration with Harness pipelines. This approach allows for structured experimentation, observability, and hypothesis validation to build resilient applications, supported by governance enforcement, detailed analytics, and guided chaos experiment execution. HCE offers both SaaS and self-managed platforms, enabling users to create chaos experiments and analyze their results to improve system reliability and reduce downtime. It also provides tools like the Chaos Engineering ROI Calculator to estimate business losses from outages and evaluate the financial benefits of chaos engineering practices. The platform is designed to be accessible, allowing users to sign up for free to experience the benefits of chaos experiments and improve their chaos engineering journey.
Jul 09, 2024
2,608 words in the original blog post.
Harness SEI has announced a new integration with ServiceNow, enhancing its capability to measure software delivery performance metrics by using existing ServiceNow-enabled incident management processes. This integration allows users to track key DevOps Research and Assessment (DORA) metrics, such as Deployment Frequency, Change Failure Rate, and Mean Time to Recovery, directly from ServiceNow activities, thus providing a more comprehensive understanding of operational performance without altering current workflows. Users can utilize their existing ServiceNow data to improve Harness SEI reporting and create customizable dashboards that emphasize crucial metrics for their teams. The integration offers two authentication methods and supports a robust measurement of DORA metrics, enabling trend analysis and continuous improvement by linking change requests and incidents to deployment and failure events. This collaboration aims to bridge the gap between operational data in ServiceNow and development metrics in Harness SEI, offering a holistic view of the software delivery lifecycle to facilitate informed decision-making and process optimization.
Jul 03, 2024
642 words in the original blog post.
In the June 2024 edition of Harness product updates, several new features were introduced to enhance cloud cost optimization, software supply chain security, and developer experiences. The company launched three AI-powered cloud cost optimization tools to improve governance-as-code, automated commitment management, and cluster node auto-scaling, along with the SSCA module now being SMP BETA ready for securing software supply chains. Enhancements in developer tools include improved pull request workflows with code suggestions and comments, native support for Kubernetes rollout commands, and a SecureConnect feature for Harness CI Cloud supporting various operating systems. Infrastructure as Code Management now offers PR automation for better visibility into planned changes and costs, while Split Feature Management allows for semantic version targeting in app updates. Upcoming events and resources such as the FinOps Excellence Summit and various educational materials are also highlighted.
Jul 01, 2024
687 words in the original blog post.