Created Resources

After HSF is deployed will have the following resources in your account:

Service Accounts

A service account named harness-platform-manager is created at the account level. This service account has admin privileges and is responsible for provisioning and managing the resources necessary for running HSF workflows.

Variables

To support IDP workflows, account-level variables are created. These variables store key configuration values, including the project name, organization name, connector information, and platform URL. They enable workflows to dynamically locate and interact with the correct components and environments within Harness. The variables created are HARNESS_ENDPOINT, HARNESS_PORTAL_RESOURCES, custom_template_library_connector, custom_template_library_repo, solutions_factory_template_library_connector, solutions_factory_template_library_repo, solutions_factory_endpoint, solutions_factory_org, and solutions_factory_project.

Connectors

Connectors are created to integrate HSF with codebases and artifact repos. The connectors that are created are harnessSecretManager for both Delegate Mangement and Image Factory projects, Custom_Harness_Template_Library_Repo, solutions_factory_template_library_connector, solutions_factory_template_library_repo, Harness_Solutions_Factory_Repo, Harness_Template_Library_Repo, Harness_Solutions_Factory_Repo___Official, harnessSecretManager, hsf_solutions_factory_connector, hsf_dockerhub_connector, and harnessSecretManager.

Organizations

All HSF-related resources are organized under a newly created organization named harness-platform-management. This organization serves as the central location for all projects, configurations, and access controls associated with the HSF deployment.

User Groups

Within this organization, two user groups are established: hsf-admin and hsf-user. The hsf-admin group has organization admin privileges and is intended for platform administrators and users managing the implementation of HSF. The hsf-user group, by contrast, is granted organization viewer privileges and is designed for broader team access to view and use the workflows without elevated permissions.

Secrets

Secrets are also created at the organization level to securely manage authentication and access credentials. HSF Platform API Key, stores the secret value associated with the harness-platform-manager service account. This key is managed by a pipeline that automatically handles rotation to maintain security best practices. hsf_harness_stub_secret_key and hsf_harness_stub_access_key are also created.

Projects

Several projects are initialized within the harness-platform-management organization.

The Solutions Factory project contains all the core pipelines and configurations required to manage HSF.
The Image Factory project is the target destination for the deployment of CI image factory. In the future it will house all of the HSF image specific factories.
The Delegate Management project is the target destination for the delegate image factory.

Pipelines

The Solutions Factory project includes eight pipelines, each designed to perform a specific role in the HSF lifecycle. The initial deployment of the framework automatically provisions four of these pipelines: Manage Pilot Light, Rotate HSF Token, Deploy Solutions Factory, and Mirror Harness Official Solutions Factory Repository.

The Deploy Solutions Factory pipeline handles additional configuration tasks related to setting up and managing the HSF deployment. It ensures that the target environment is properly initialized and ready to operate.
The Mirror Harness Official Solutions Factory Repository pipeline is responsible for cloning and copying data from the official HSF repository into your target Harness account. It also manages the synchronization of updates during future releases, effectively keeping your local copy aligned with the source of truth.
The Register IDP Templates pipeline automatically imports all available templates from the harness-template-library and registers them into your IDP instance. This ensures that your IDP has access to the full suite of templates required to power self-service workflows.
The Register Custom IDP Templates pipeline automatically imports all available templates from the custom-harness-template-library and registers them into your IDP instance.
The Rotate HSF Token pipeline handles secure token rotation for the harness-platform-manager service account.
The Manage Pilot Light pipeline applies updates and changes to the core HSF framework. It is used to maintain and evolve the foundational infrastructure that supports the overall platform.
The Create and Manage IACM Workspaces pipeline is invoked at the start of each workflow execution. It provisions and manages IACM workspaces, ensuring that the required infrastructure is in place before any resource provisioning begins.
The Provision Workspace pipeline plans and applies workflows (with built-in approvals).
The Execute IACM Workspaces pipeline is responsible for executing the IACM workspace by applying the selected templates and provisioning the actual Harness resources defined within the workflow.
The Plan and Validate IACM Workspace pipeline verifies Terraform code.
The Mirror Harnesss Official Solutions Factory Repos pipeline mirrors the official repos and pulls in any new updates that we release to the code base.
The Execute Drift Analysis pipeline identifies configuration drift from source code.
The Teardown IACM Workspace pipeline removes workspaces (with built-in approvals).
The Bulk Workspace Management pipeline allows for bulk operations.
The Bulk Workspace IDP Registration pipeline allows for backwards compatibility from older version to load older resources into IDP.

Workspaces

Two IACM workspaces are created as part of the HSF framework:

The Harness Pilot Light workspace manages and controls the core framework components.
The Harness Solutions Factory workspace manages the “engine” layer of HSF, including the logic for requests made via IDP and the execution and provisioning of associated resources. This is the workspace that handles the practical implementation of self-service requests.

Repositories

There are three repositories included in the deployment and exist under the organization level. You can find them under Harness Platform Management (organization) → Solutions Factory (account) → Code Repository (module) → Repositories:

The harness-solutions-factory repository houses all of the source code that is required to standup and run Harness Solutions Factory. A code branch rule called harness_solutions_factory_codeowners is created in this repository.
The harness-template-library repository houses all of the scaffold and templates for how to manage Harness resources. A code branch rule called harness_solutions_factory_codeowners is created in this repository.
The harness-delegate-setup repository serves as an example of how to build a custom Harness Delegate and automate the addition of tools into the delegate.
The custom-harness-template-library repository houses customized templates created to support Harness entity management and provisioning.

Service Accounts​

Variables​

Connectors​

Organizations​

User Groups​

Secrets​

Projects​

Pipelines​

Workspaces​

Repositories​