harness-code-integration

Harness Code Integration Skill

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "harness-code-integration" with this command: npx skills add lobbi-docs/claude/lobbi-docs-claude-harness-code-integration

Harness Code Integration Skill

Manage Harness Code repositories, triggers, PR pipelines, and GitOps workflows.

Use For

  • Repository setup, branch protection, PR validation pipelines

  • Triggers (push, PR, tag), GitOps workflows, code policies

Repository Structure for EKS Deployments

my-app/ # Harness Code repository ├── src/ # Application source ├── charts/ │ └── my-service/ │ ├── Chart.yaml │ ├── values.yaml │ ├── values-dev.yaml │ ├── values-staging.yaml │ ├── values-prod.yaml │ └── templates/ ├── .harness/ │ ├── pipelines/ │ │ ├── build.yaml │ │ ├── deploy-dev.yaml │ │ ├── deploy-staging.yaml │ │ └── deploy-prod.yaml │ └── inputsets/ │ ├── dev-inputs.yaml │ └── prod-inputs.yaml └── keycloak/ └── realm-export.json

Harness Code Connector

connector: name: Harness Code identifier: harness_code type: HarnessCode spec: authentication: type: Http spec: type: UsernameToken spec: username: <+secrets.getValue("harness_code_user")> tokenRef: harness_code_token

Triggers

Push Trigger (Main Branch)

trigger: name: Main Branch Push identifier: main_push enabled: true encryptedWebhookSecretIdentifier: "" description: "Deploy on push to main" source: type: Webhook spec: type: HarnessCode spec: repoName: my-app events: - Push actions: [] payloadConditions: - key: targetBranch operator: Equals value: main pipelineIdentifier: deploy_pipeline inputSetRefs: - main_inputs stagesToExecute: []

Pull Request Trigger

trigger: name: PR Validation identifier: pr_validation enabled: true source: type: Webhook spec: type: HarnessCode spec: repoName: my-app events: - PullRequest actions: - Open - Reopen - Edit - Synchronize payloadConditions: - key: targetBranch operator: In value: main, develop pipelineIdentifier: pr_validation_pipeline

Tag Trigger (Release)

trigger: name: Release Tag identifier: release_tag enabled: true source: type: Webhook spec: type: HarnessCode spec: repoName: my-app events: - Push payloadConditions: - key: ref operator: StartsWith value: refs/tags/v pipelineIdentifier: release_pipeline inputYaml: | pipeline: identifier: release_pipeline variables: - name: version type: String value: <+trigger.payload.ref>.replace("refs/tags/", "")

PR Validation Pipeline

pipeline: name: PR Validation identifier: pr_validation_pipeline stages: - stage: name: Validate type: CI spec: cloneCodebase: true infrastructure: type: KubernetesDirect spec: connectorRef: eks_connector namespace: ci-runners execution: steps: - step: type: Run name: Lint Helm Chart spec: shell: Bash command: | helm lint charts/my-service helm template charts/my-service --debug - step: type: Run name: Security Scan spec: shell: Bash command: | trivy config charts/my-service checkov -d charts/my-service - step: type: Run name: Unit Tests spec: shell: Bash command: npm test - step: type: Plugin name: PR Comment spec: connectorRef: harness_code image: plugins/github-comment settings: message: "✅ All checks passed!"

Branch Protection Rules

Configure via Harness Code UI or API:

branchProtection: pattern: main rules: - requirePullRequest: true - requireReviews: count: 1 dismissStaleReviews: true requireCodeOwners: true - requireStatusChecks: strict: true contexts: - "pr_validation_pipeline" - requireSignedCommits: false - restrictPushes: allowedUsers: [] allowedTeams: - platform-team - restrictDeletions: true - requireLinearHistory: false

GitOps Integration (ArgoCD via Harness)

Update Release Repo

  • step: type: GitOpsUpdateReleaseRepo name: Update GitOps Repo identifier: update_gitops spec: connectorRef: harness_code repoName: gitops-config filePath: apps/<+service.name>/<+env.name>/values.yaml fileContent: | image: repository: <+artifact.image> tag: <+artifact.tag> keycloak: clientId: <+service.name>-client

GitOps Sync

  • step: type: GitOpsSync name: Sync Application identifier: gitops_sync spec: applicationIdentifier: <+service.name>-<+env.name> prune: true dryRun: false

Manifest Sources from Harness Code

Helm Chart from Repo

manifests:

  • manifest: identifier: main_chart type: HelmChart spec: store: type: HarnessCode spec: repoName: my-app branch: <+pipeline.variables.branch> folderPath: charts/my-service chartName: my-service helmVersion: V3

Values Override

manifests:

  • manifest: identifier: values_override type: Values spec: store: type: HarnessCode spec: repoName: my-app branch: main paths: - charts/my-service/values-<+env.name>.yaml

Kustomize from Repo

manifests:

  • manifest: identifier: kustomize type: Kustomize spec: store: type: HarnessCode spec: repoName: my-app branch: main folderPath: k8s/overlays/<+env.name>

Code Quality Gates

  • step: type: Run name: Quality Gate spec: shell: Bash command: | # Helm lint helm lint charts/my-service --strict

      # Security scan
  trivy config charts/my-service --severity HIGH,CRITICAL --exit-code 1

  # Keycloak realm validation
  if [ -f keycloak/realm-export.json ]; then
    jq -e '.realm' keycloak/realm-export.json > /dev/null
  fi
envVariables:
  TRIVY_SEVERITY: HIGH,CRITICAL

Expressions for Harness Code

Expression Purpose

<+trigger.payload.repository.name>

Repository name

<+trigger.payload.ref>

Git reference (branch/tag)

<+trigger.payload.pullRequest.number>

PR number

<+trigger.payload.pullRequest.sourceBranch>

PR source branch

<+trigger.payload.pullRequest.targetBranch>

PR target branch

<+trigger.payload.sender.login>

User who triggered

<+codebase.commitSha>

Full commit SHA

<+codebase.shortCommitSha>

Short commit SHA

<+codebase.branch>

Branch name

<+codebase.tag>

Tag name (if tagged)

Webhook Payload Examples

Push Event

{ "ref": "refs/heads/main", "before": "abc123", "after": "def456", "repository": { "name": "my-app", "full_name": "org/my-app" }, "commits": [ { "id": "def456", "message": "feat: add new endpoint", "author": { "name": "Developer" } } ] }

Pull Request Event

{ "action": "opened", "number": 42, "pullRequest": { "title": "Add Keycloak integration", "sourceBranch": "feature/keycloak", "targetBranch": "main", "state": "open" } }

Troubleshooting

Issue Solution

Trigger not firing Check webhook configuration, verify event type

Clone failed Verify connector credentials, check repo access

Branch not found Confirm branch exists, check payload conditions

PR comment failed Verify connector has write permissions

GitOps sync timeout Check ArgoCD health, verify manifest validity

References

  • Harness Code Triggers

  • GitOps with Harness

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Coding

devops practices

No summary provided by upstream source.

Repository SourceNeeds Review
-6
lobbi-docs
Coding

local-eks-development

No summary provided by upstream source.

Repository SourceNeeds Review
-5
lobbi-docs
Coding

helm-development

No summary provided by upstream source.

Repository SourceNeeds Review
-5
lobbi-docs