DEVOPSdigest

Harness announced four new product modules on the Harness platform.

Each module is aimed at advancing the state of software delivery and developer experience, and includes Harness Code Repository, Harness Internal Developer Portal, Harness Infrastructure as Code Management, and Harness Software Supply Chain Assurance.

■ Harness Code Repository

Harness Code Repository is a premium module based on open source Gitness™ (launched today) and tailored to meet the demands of enterprise teams and organizations. Gitness is a developer-friendly, open source Git platform created to address common obstacles in traditional software development workflows. Harness Code Repository provides additional enhanced features and capabilities for Gitness, including:

- Collaborative code reviews to foster collaboration and knowledge sharing, for higher code quality and fewer errors

- Advanced governance with branch protection to ensure stability by preventing unauthorized or risky changes from being merged into critical branches, reducing the chance of introducing bugs or vulnerabilities

- Policy enforcement powered by OPA to ensure code complies with predefined organizational standards and best practices, reducing manual intervention and human error

- Seamless integrations tailored for the development process on the Harness platform help streamline the development process by connecting code repos with other development and deployment tools to improve efficiency and collaboration, which accelerates the software delivery pipeline

Harness Code Repository will be available in beta next month.

■ Harness Internal Developer Portal (IDP)

The Harness Internal Developer Portal (IDP) helps organizations accelerate new service onboarding, simplifying the often complex and time-consuming process of setting up infrastructure, configuring frameworks, establishing CI/CD pipelines, and more. Harness IDP is built on the Backstage.io platform, providing critical governance features out of the box and a simplified management experience.

Harness IDP includes:

- Self-service automation enables developers to create new services quickly, eliminating up to days or weeks of waiting time

- The Software Catalog unifies essential service information, such as builds, deployments, alerts, and health metrics, into a single pane of glass called the Software Catalog

- Discoverability of tools enhances collaboration and communication within organizations by providing easy discoverability of internal services, APIs, and tools, which helps prevent duplication of efforts and enables efficient knowledge sharing

- Scorecards enable platform engineers to gauge service maturity and encourage the adoption of best practices from DevOps, development, and security perspectives—effectively gamifying the quest for excellence in software development

The result is that developers spend less time being blocked and more time innovating.

■ Harness Infrastructure as Code Management (IaCM)

Companies are using Infrastructure as Code (IaC) to define infrastructure requirements, configurations, and dependencies, and to manage resources in a more efficient and repeatable way. However, customers are still finding that most IaC solutions are labor intensive, create errors, and come with limited visibility and guardrails. Harness Infrastructure as Code Management (IaCM) addresses these challenges and adds automation and security.

Harness IaCM provides:

- An advanced pipeline for IaC automation, simplifying code management from Pull Request (PR) to provisioning. Streamlining the process speeds up the creation, testing, review, and deployment of infrastructure changes, significantly improving efficiency

- Automatic drift detection and remediation continuously monitors the infrastructure for deviations, ensuring all changes are done in the right process

- OPA-based infrastructure policies to enforce security and compliance standards. These policies, defined as code, are applied automatically during the provisioning process, reducing the risk of misconfigurations and vulnerabilities

- Provides the PR process for reviewing infrastructure changes, making it more efficient and error-resistant by allowing developers to understand the impact of their changes before merging the code

Harness IaCM helps organizations achieve the benefits of self-service infrastructure management, mitigate risks associated with manual processes, and optimize operational efficiency, resulting in more secure, compliant, and efficient infrastructure management.

■ Harness Software Supply Chain Assurance (SSCA)

The Harness Software Supply Chain Assurance (SSCA) module provides:

- Deep visibility and control over open source software components, allowing organizations to monitor and enforce policies based on component versions, licenses, suppliers, and more

- Streamlines the generation of SBOMs in various formats, enabling secure sharing and storage. Users can sign and validate SBOMs with their private keys

- Enables governance by setting up policies to block harmful or risky components, such as log4j, in an organization's supply chain

- Ensures software integrity by generating and verifying attestations, following SLSA specifications and mandates listed in Executive Order 14028

- Strengthens software development with DevSecOps practices, further letting software producers effectively ship secure software artifacts to their consumers

"The four new modules we are launching today represent a significant leap forward on our mission to enhance efficiency, foster collaboration, and fortify security throughout the software delivery lifecycle," said Jyoti Bansal, CEO and cofounder of Harness. "These new innovations are the latest way we are providing developers and organizations with the tools and capabilities to help them achieve their software development goals."