harness-mcp-v2 0.9.2 → 0.9.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (39) hide show
  1. package/README.md +470 -388
  2. package/build/config.d.ts +8 -8
  3. package/build/config.d.ts.map +1 -1
  4. package/build/config.js +11 -8
  5. package/build/config.js.map +1 -1
  6. package/build/index.js +2 -2
  7. package/build/index.js.map +1 -1
  8. package/build/prompts/create-agent.d.ts.map +1 -1
  9. package/build/prompts/create-agent.js +119 -475
  10. package/build/prompts/create-agent.js.map +1 -1
  11. package/build/registry/index.js +2 -2
  12. package/build/registry/index.js.map +1 -1
  13. package/build/registry/toolsets/agents.d.ts +3 -0
  14. package/build/registry/toolsets/agents.d.ts.map +1 -0
  15. package/build/registry/toolsets/agents.js +106 -0
  16. package/build/registry/toolsets/agents.js.map +1 -0
  17. package/build/registry/toolsets/governance.d.ts.map +1 -1
  18. package/build/registry/toolsets/governance.js +23 -13
  19. package/build/registry/toolsets/governance.js.map +1 -1
  20. package/build/registry/toolsets/scs.d.ts.map +1 -1
  21. package/build/registry/toolsets/scs.js +2 -1
  22. package/build/registry/toolsets/scs.js.map +1 -1
  23. package/build/registry/types.d.ts +1 -1
  24. package/build/registry/types.d.ts.map +1 -1
  25. package/build/tools/harness-diagnose.js +2 -2
  26. package/build/tools/harness-diagnose.js.map +1 -1
  27. package/build/tools/harness-list.js +1 -1
  28. package/build/tools/harness-list.js.map +1 -1
  29. package/build/tools/harness-status.js +1 -1
  30. package/build/tools/harness-status.js.map +1 -1
  31. package/build/utils/response-formatter.d.ts +2 -2
  32. package/build/utils/response-formatter.d.ts.map +1 -1
  33. package/build/utils/response-formatter.js +4 -4
  34. package/build/utils/response-formatter.js.map +1 -1
  35. package/build/utils/svg/render-png.d.ts +6 -1
  36. package/build/utils/svg/render-png.d.ts.map +1 -1
  37. package/build/utils/svg/render-png.js +7 -4
  38. package/build/utils/svg/render-png.js.map +1 -1
  39. package/package.json +4 -1
package/README.md CHANGED
@@ -2,7 +2,6 @@
2
2
 
3
3
  An MCP (Model Context Protocol) server that gives AI agents full access to the Harness.io platform through 10 consolidated tools and 139 resource types.
4
4
 
5
-
6
5
  ## Why Use This MCP Server
7
6
 
8
7
  Most MCP servers map one tool per API endpoint. For a platform as broad as Harness, that means 240+ tools — and LLMs get worse at tool selection as the count grows. Context windows fill up with schemas, and every new endpoint means new code.
@@ -83,6 +82,18 @@ pnpm start:http # HTTP transport
83
82
  pnpm inspect # Test with MCP Inspector
84
83
  ```
85
84
 
85
+ ### Anthropic MCP Directory bundle
86
+
87
+ The MCPB bundle manifest lives in [`mcp-directory/`](mcp-directory/), and the bundle icon is tracked at [`icon.png`](icon.png) in the repository root. Copy `mcp-directory/manifest.json` to the bundle root after `pnpm build` so the generated archive contains root-level `manifest.json`, `icon.png`, `build/`, `package.json`, and production `node_modules/`.
88
+
89
+ To keep the archive small, build MCPB packages from a staging directory:
90
+
91
+ ```bash
92
+ pnpm prepare:mcpb
93
+ ```
94
+
95
+ The staged package is written to `dist/mcpb/` with production dependencies installed using npm's flat layout.
96
+
86
97
  ### CLI Usage
87
98
 
88
99
  ```bash
@@ -100,13 +111,15 @@ Transport defaults to `stdio` if not specified. Use `http` for remote/shared dep
100
111
 
101
112
  When running in HTTP mode, the server exposes:
102
113
 
103
- | Endpoint | Method | Description |
104
- |----------|--------|-------------|
105
- | `/mcp` | `POST` | MCP JSON-RPC endpoint (initialize + session requests) |
106
- | `/mcp` | `GET` | SSE stream for server-initiated messages (progress, elicitation) |
107
- | `/mcp` | `DELETE` | Terminate an active MCP session |
108
- | `/mcp` | `OPTIONS` | CORS preflight |
109
- | `/health` | `GET` | Health check — returns `{ "status": "ok", "sessions": <count> }` |
114
+
115
+ | Endpoint | Method | Description |
116
+ | --------- | --------- | ---------------------------------------------------------------- |
117
+ | `/mcp` | `POST` | MCP JSON-RPC endpoint (initialize + session requests) |
118
+ | `/mcp` | `GET` | SSE stream for server-initiated messages (progress, elicitation) |
119
+ | `/mcp` | `DELETE` | Terminate an active MCP session |
120
+ | `/mcp` | `OPTIONS` | CORS preflight |
121
+ | `/health` | `GET` | Health check — returns `{ "status": "ok", "sessions": <count> }` |
122
+
110
123
 
111
124
  The HTTP transport runs in **session-based mode**. A new MCP session is created on `initialize`, the server returns an `mcp-session-id` header, and subsequent requests for that session must include the same header.
112
125
 
@@ -206,14 +219,14 @@ Harness also supports a hosted MCP endpoint for accounts that have the managed s
206
219
  > ```
207
220
  >
208
221
  > Find your paths with `which npx` and `which node` in a terminal, then make sure the directory containing `node` is included in the `PATH` value above. Common locations:
222
+ >
209
223
  > - **Homebrew (macOS):** `/opt/homebrew/bin/npx`
210
224
  > - **nvm:** `~/.nvm/versions/node/v20.x.x/bin/npx` (run `nvm which current` to find the exact path)
211
225
  > - **System Node:** `/usr/local/bin/npx`
212
226
 
213
227
  #### Claude Desktop (`claude_desktop_config.json`)
214
228
 
215
- <details open>
216
- <summary>npx (zero install)</summary>
229
+ npx (zero install)
217
230
 
218
231
  ```json
219
232
  {
@@ -229,10 +242,9 @@ Harness also supports a hosted MCP endpoint for accounts that have the managed s
229
242
  }
230
243
  ```
231
244
 
232
- </details>
233
245
 
234
- <details>
235
- <summary>node (local install)</summary>
246
+
247
+ node (local install)
236
248
 
237
249
  ```bash
238
250
  npm install -g harness-mcp-v2
@@ -251,35 +263,32 @@ npm install -g harness-mcp-v2
251
263
  }
252
264
  ```
253
265
 
254
- </details>
266
+
255
267
 
256
268
  #### Claude Code (via `claude mcp add`)
257
269
 
258
- <details open>
259
- <summary>npx (zero install)</summary>
270
+ npx (zero install)
260
271
 
261
272
  ```bash
262
273
  claude mcp add harness -- npx harness-mcp-v2
263
274
  ```
264
275
 
265
- </details>
266
276
 
267
- <details>
268
- <summary>node (local install)</summary>
277
+
278
+ node (local install)
269
279
 
270
280
  ```bash
271
281
  npm install -g harness-mcp-v2
272
282
  claude mcp add harness -- harness-mcp-v2
273
283
  ```
274
284
 
275
- </details>
285
+
276
286
 
277
287
  Then set `HARNESS_API_KEY` in your environment or `.env` file.
278
288
 
279
289
  #### Cursor (`.cursor/mcp.json`)
280
290
 
281
- <details open>
282
- <summary>npx (zero install)</summary>
291
+ npx (zero install)
283
292
 
284
293
  ```json
285
294
  {
@@ -295,10 +304,9 @@ Then set `HARNESS_API_KEY` in your environment or `.env` file.
295
304
  }
296
305
  ```
297
306
 
298
- </details>
299
307
 
300
- <details>
301
- <summary>node (local install)</summary>
308
+
309
+ node (local install)
302
310
 
303
311
  ```bash
304
312
  npm install -g harness-mcp-v2
@@ -317,12 +325,11 @@ npm install -g harness-mcp-v2
317
325
  }
318
326
  ```
319
327
 
320
- </details>
328
+
321
329
 
322
330
  #### Windsurf (`~/.windsurf/mcp.json`)
323
331
 
324
- <details open>
325
- <summary>npx (zero install)</summary>
332
+ npx (zero install)
326
333
 
327
334
  ```json
328
335
  {
@@ -338,10 +345,9 @@ npm install -g harness-mcp-v2
338
345
  }
339
346
  ```
340
347
 
341
- </details>
342
348
 
343
- <details>
344
- <summary>node (local install)</summary>
349
+
350
+ node (local install)
345
351
 
346
352
  ```bash
347
353
  npm install -g harness-mcp-v2
@@ -360,10 +366,9 @@ npm install -g harness-mcp-v2
360
366
  }
361
367
  ```
362
368
 
363
- </details>
364
369
 
365
- <details>
366
- <summary>Using a local build from source?</summary>
370
+
371
+ Using a local build from source?
367
372
 
368
373
  Replace the command with the path to your built `index.js`:
369
374
 
@@ -374,13 +379,14 @@ Replace the command with the path to your built `index.js`:
374
379
  }
375
380
  ```
376
381
 
377
- </details>
382
+
378
383
 
379
384
  ### MCP Gateway
380
385
 
381
386
  The Harness MCP server is fully compatible with MCP Gateways — reverse proxies that provide centralized authentication, governance, tool routing, and observability across multiple MCP servers. Since the server implements the standard MCP protocol with both stdio and HTTP transports, it works behind any MCP-compliant gateway with no code changes.
382
387
 
383
388
  **Why use a gateway?**
389
+
384
390
  - Centralized credential management — no API keys in agent configs
385
391
  - Governance & audit logging for all tool calls across teams
386
392
  - Single endpoint for agents instead of N connections to N MCP servers
@@ -500,23 +506,25 @@ The deployment runs 2 replicas with readiness/liveness probes, resource limits,
500
506
 
501
507
  The server automatically loads environment variables from a `.env` file in the project root if one exists. Copy `.env.example` to `.env` and fill in your values. Environment variables can also be set via your shell or MCP client config.
502
508
 
503
- | Variable | Required | Default | Description |
504
- |----------|----------|---------|-------------|
505
- | `HARNESS_API_KEY` | Yes | -- | Harness personal access token or service account token |
506
- | `HARNESS_ACCOUNT_ID` | No | *(from PAT)* | Harness account identifier. Auto-extracted from PAT tokens; only needed for non-PAT API keys |
507
- | `HARNESS_BASE_URL` | No | `https://app.harness.io` | Base URL (override for self-managed Harness) |
508
- | `HARNESS_ORG` | No | `default` | Organization ID. Used when `org_id` is not specified per tool call. Agents can also discover orgs dynamically via `harness_list(resource_type="organization")` |
509
- | `HARNESS_PROJECT` | No | -- | Project ID. Used when `project_id` is not specified per tool call. Agents can also discover projects dynamically via `harness_list(resource_type="project")` |
510
- | `HARNESS_API_TIMEOUT_MS` | No | `30000` | HTTP request timeout in milliseconds |
511
- | `HARNESS_MAX_RETRIES` | No | `3` | Retry count for transient failures (429, 5xx) |
512
- | `HARNESS_MAX_BODY_SIZE_MB` | No | `10` | Max HTTP request body size in MB for `http` transport |
513
- | `HARNESS_RATE_LIMIT_RPS` | No | `10` | Client-side request throttle (requests per second) to Harness APIs |
514
- | `LOG_LEVEL` | No | `info` | Log verbosity: `debug`, `info`, `warn`, `error` |
515
- | `HARNESS_TOOLSETS` | No | *(all)* | Comma-separated list of enabled toolsets (see [Toolset Filtering](#toolset-filtering)) |
516
- | `HARNESS_READ_ONLY` | No | `false` | Block all mutating operations (create, update, delete, execute). Only list and get are allowed. Useful for shared/demo environments |
517
- | `HARNESS_SKIP_ELICITATION` | No | `false` | Skip all elicitation confirmation prompts. When `true`, write and delete operations proceed without user approval enabling fully autonomous agent workflows. See [Elicitation](#elicitation) |
518
- | `HARNESS_ALLOW_HTTP` | No | `false` | Allow non-HTTPS `HARNESS_BASE_URL`. By default, the server enforces HTTPS for security. Set to `true` only for local development against a non-TLS Harness instance |
519
- | `HARNESS_PIPELINE_VERSION` | No | `0` | **(Alpha)** Pipeline YAML version. Set to `"1"` to guide agents toward `pipeline_v1` (V1 YAML format) for pipeline operations. Both `pipeline` (V0) and `pipeline_v1` (V1) resource types are always available regardless of this setting |
509
+
510
+ | Variable | Required | Default | Description |
511
+ | -------------------------- | -------- | ------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
512
+ | `HARNESS_API_KEY` | Yes | -- | Harness personal access token or service account token |
513
+ | `HARNESS_ACCOUNT_ID` | No | *(from PAT)* | Harness account identifier. Auto-extracted from PAT tokens; only needed for non-PAT API keys |
514
+ | `HARNESS_BASE_URL` | No | `https://app.harness.io` | Base URL (override for self-managed Harness) |
515
+ | `HARNESS_ORG` | No | `default` | Organization ID. Used when `org_id` is not specified per tool call. Agents can also discover orgs dynamically via `harness_list(resource_type="organization")` |
516
+ | `HARNESS_PROJECT` | No | -- | Project ID. Used when `project_id` is not specified per tool call. Agents can also discover projects dynamically via `harness_list(resource_type="project")` |
517
+ | `HARNESS_API_TIMEOUT_MS` | No | `30000` | HTTP request timeout in milliseconds |
518
+ | `HARNESS_MAX_RETRIES` | No | `3` | Retry count for transient failures (429, 5xx) |
519
+ | `HARNESS_MAX_BODY_SIZE_MB` | No | `10` | Max HTTP request body size in MB for `http` transport |
520
+ | `HARNESS_RATE_LIMIT_RPS` | No | `10` | Client-side request throttle (requests per second) to Harness APIs |
521
+ | `LOG_LEVEL` | No | `info` | Log verbosity: `debug`, `info`, `warn`, `error` |
522
+ | `HARNESS_TOOLSETS` | No | *(all)* | Comma-separated list of enabled toolsets (see [Toolset Filtering](#toolset-filtering)) |
523
+ | `HARNESS_READ_ONLY` | No | `false` | Block all mutating operations (create, update, delete, execute). Only list and get are allowed. Useful for shared/demo environments |
524
+ | `HARNESS_SKIP_ELICITATION` | No | `false` | Skip all elicitation confirmation prompts. When `true`, write and delete operations proceed without user approval enabling fully autonomous agent workflows. See [Elicitation](#elicitation) |
525
+ | `HARNESS_ALLOW_HTTP` | No | `false` | Allow non-HTTPS `HARNESS_BASE_URL`. By default, the server enforces HTTPS for security. Set to `true` only for local development against a non-TLS Harness instance |
526
+ | `HARNESS_PIPELINE_VERSION` | No | `0` | **(Alpha)** Pipeline YAML version. Set to `"1"` to guide agents toward `pipeline_v1` (V1 YAML format) for pipeline operations. Both `pipeline` (V0) and `pipeline_v1` (V1) resource types are always available regardless of this setting |
527
+
520
528
 
521
529
  ### HTTPS Enforcement
522
530
 
@@ -536,19 +544,21 @@ The server exposes 11 MCP tools. Most API tools accept `org_id` and `project_id`
536
544
 
537
545
  **URL support:** Most API-facing tools accept a `url` parameter — paste a Harness UI URL and the server auto-extracts org, project, resource type, resource ID, pipeline ID, and execution ID. `harness_describe` does not accept `url`.
538
546
 
539
- | Tool | Description |
540
- |------|-------------|
541
- | `harness_describe` | Discover available resource types, operations, and fields. No API call — returns local registry metadata. |
542
- | `harness_schema` | Fetch exact JSON Schema definitions for creating/updating resources. Supports deep drilling via `path` parameter. |
543
- | `harness_list` | List resources of a given type with filtering, search, and pagination. |
544
- | `harness_get` | Get a single resource by its identifier. |
545
- | `harness_create` | Create a new resource. Supports inline and remote (Git-backed) pipelines. Prompts for user confirmation via [elicitation](#elicitation). |
546
- | `harness_update` | Update an existing resource. Supports inline and remote (Git-backed) pipelines. Prompts for user confirmation via [elicitation](#elicitation). |
547
- | `harness_delete` | Delete a resource. Prompts for user confirmation via [elicitation](#elicitation). Destructive. |
548
- | `harness_execute` | Execute an action on a resource (run/retry pipeline, import pipeline from Git, toggle flag, sync app). Prompts for user confirmation via [elicitation](#elicitation). For pipeline runs, use the runtime-input workflow below (supports `branch`/`tag`/`pr_number`/`commit_sha` shorthand expansion). |
549
- | `harness_search` | Search across multiple resource types in parallel with a single query. |
547
+
548
+ | Tool | Description |
549
+ | ------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
550
+ | `harness_describe` | Discover available resource types, operations, and fields. No API call returns local registry metadata. |
551
+ | `harness_schema` | Fetch exact JSON Schema definitions for creating/updating resources. Supports deep drilling via `path` parameter. |
552
+ | `harness_list` | List resources of a given type with filtering, search, and pagination. |
553
+ | `harness_get` | Get a single resource by its identifier. |
554
+ | `harness_create` | Create a new resource. Supports inline and remote (Git-backed) pipelines. Prompts for user confirmation via [elicitation](#elicitation). |
555
+ | `harness_update` | Update an existing resource. Supports inline and remote (Git-backed) pipelines. Prompts for user confirmation via [elicitation](#elicitation). |
556
+ | `harness_delete` | Delete a resource. Prompts for user confirmation via [elicitation](#elicitation). Destructive. |
557
+ | `harness_execute` | Execute an action on a resource (run/retry pipeline, import pipeline from Git, toggle flag, sync app). Prompts for user confirmation via [elicitation](#elicitation). For pipeline runs, use the runtime-input workflow below (supports `branch`/`tag`/`pr_number`/`commit_sha` shorthand expansion). |
558
+ | `harness_search` | Search across multiple resource types in parallel with a single query. |
550
559
  | `harness_diagnose` | Diagnose `pipeline`, `connector`, `delegate`, and `gitops_application` resources (aliases: `execution` -> `pipeline`, `gitops_app` -> `gitops_application`). For pipelines, returns stage/step timing and failure details; for connectors/delegates/GitOps apps, returns targeted health and troubleshooting signals. |
551
- | `harness_status` | Get a real-time project health dashboard — recent executions, failure rates, and deep links. |
560
+ | `harness_status` | Get a real-time project health dashboard — recent executions, failure rates, and deep links. |
561
+
552
562
 
553
563
  ### Tool Examples
554
564
 
@@ -674,25 +684,25 @@ The server exposes 11 MCP tools. Most API tools accept `org_id` and `project_id`
674
684
  Use this sequence to reduce execution-time input errors:
675
685
 
676
686
  1. **Discover required runtime inputs**
677
- - `harness_get(resource_type="runtime_input_template", resource_id="<pipeline_id>")`
678
- - The returned template shows `<+input>` placeholders that need values.
687
+ - `harness_get(resource_type="runtime_input_template", resource_id="<pipeline_id>")`
688
+ - The returned template shows `<+input>` placeholders that need values.
679
689
  2. **Choose input strategy**
680
- - **Simple variables:** pass flat key-value `inputs` (for example `{"branch":"main","env":"prod"}`).
681
- - **Complex/structural inputs:** use `input_set_ids` (CI codebase/build blocks and nested template inputs are best handled this way).
682
- - **CI codebase shorthand keys (pipeline run only):**
683
-
684
- | Shorthand key | Expanded structure |
685
- |---|---|
686
- | `branch` | `build.type=branch`, `build.spec.branch=<value>` |
687
- | `tag` | `build.type=tag`, `build.spec.tag=<value>` |
688
- | `pr_number` | `build.type=PR`, `build.spec.number=<value>` |
689
- | `commit_sha` | `build.type=commitSha`, `build.spec.commitSha=<value>` |
690
-
691
- - **Constraint:** shorthand expansion is skipped when `inputs.build` is already present (explicit `build` wins).
690
+ - **Simple variables:** pass flat key-value `inputs` (for example `{"branch":"main","env":"prod"}`).
691
+ - **Complex/structural inputs:** use `input_set_ids` (CI codebase/build blocks and nested template inputs are best handled this way).
692
+ - **CI codebase shorthand keys (pipeline run only):**
693
+
694
+ | Shorthand key | Expanded structure |
695
+ | ------------- | ------------------------------------------------------ |
696
+ | `branch` | `build.type=branch`, `build.spec.branch=<value>` |
697
+ | `tag` | `build.type=tag`, `build.spec.tag=<value>` |
698
+ | `pr_number` | `build.type=PR`, `build.spec.number=<value>` |
699
+ | `commit_sha` | `build.type=commitSha`, `build.spec.commitSha=<value>` |
700
+
701
+ - **Constraint:** shorthand expansion is skipped when `inputs.build` is already present (explicit `build` wins).
692
702
  3. **Execute the run**
693
- - `harness_execute(resource_type="pipeline", action="run", resource_id="<pipeline_id>", ...)`
703
+ - `harness_execute(resource_type="pipeline", action="run", resource_id="<pipeline_id>", ...)`
694
704
  4. **Optional: combine both**
695
- - Use `input_set_ids` for the base shape and `inputs` for simple overrides.
705
+ - Use `input_set_ids` for the base shape and `inputs` for simple overrides.
696
706
 
697
707
  If required fields are unresolved, the tool returns a pre-flight error with expected keys and suggested input sets. You can inspect available shorthand mappings with `harness_describe(resource_type="pipeline")` (`executeActions.run.inputShorthands`).
698
708
 
@@ -720,11 +730,13 @@ If required fields are unresolved, the tool returns a pre-flight error with expe
720
730
 
721
731
  Harness pipelines can be stored in three ways:
722
732
 
723
- | Mode | Description | When to use |
724
- |------|-------------|-------------|
725
- | **Inline** | Pipeline YAML stored in Harness | Default. Simplest setup, no Git required. |
733
+
734
+ | Mode | Description | When to use |
735
+ | ------------------------- | ------------------------------------------------------- | ------------------------------------------------------------------ |
736
+ | **Inline** | Pipeline YAML stored in Harness | Default. Simplest setup, no Git required. |
726
737
  | **Remote (External Git)** | Pipeline YAML stored in GitHub, GitLab, Bitbucket, etc. | Teams using Git-backed pipeline-as-code with an external provider. |
727
- | **Remote (Harness Code)** | Pipeline YAML stored in a Harness Code repository | Teams using Harness's built-in Git hosting. |
738
+ | **Remote (Harness Code)** | Pipeline YAML stored in a Harness Code repository | Teams using Harness's built-in Git hosting. |
739
+
728
740
 
729
741
  **Create an inline pipeline (default):**
730
742
 
@@ -915,362 +927,432 @@ Harness pipelines can be stored in three ways:
915
927
 
916
928
  ### Platform
917
929
 
918
- | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
919
- |---------------|:----:|:---:|:------:|:------:|:------:|-----------------|
920
- | `organization` | x | x | x | x | x | |
921
- | `project` | x | x | x | x | x | |
930
+
931
+ | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
932
+ | -------------- | ---- | --- | ------ | ------ | ------ | --------------- |
933
+ | `organization` | x | x | x | x | x | |
934
+ | `project` | x | x | x | x | x | |
935
+
922
936
 
923
937
  ### Pipelines
924
938
 
925
- | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
926
- |---------------|:----:|:---:|:------:|:------:|:------:|-----------------|
927
- | `pipeline` | x | x | x | x | x | `run`, `retry` |
928
- | `pipeline_v1` **(Alpha)** | x | x | x | x | x | `run` |
929
- | `execution` | x | x | | | | `interrupt` |
930
- | `trigger` | x | x | x | x | x | |
931
- | `pipeline_summary` | | x | | | | |
932
- | `input_set` | x | x | x | x | x | |
933
- | `runtime_input_template` | | x | | | | |
934
- | `approval_instance` | x | | | | | `approve`, `reject` |
939
+
940
+ | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
941
+ | ------------------------- | ---- | --- | ------ | ------ | ------ | ------------------- |
942
+ | `pipeline` | x | x | x | x | x | `run`, `retry` |
943
+ | `pipeline_v1` **(Alpha)** | x | x | x | x | x | `run` |
944
+ | `execution` | x | x | | | | `interrupt` |
945
+ | `trigger` | x | x | x | x | x | |
946
+ | `pipeline_summary` | | x | | | | |
947
+ | `input_set` | x | x | x | x | x | |
948
+ | `runtime_input_template` | | x | | | | |
949
+ | `approval_instance` | x | | | | | `approve`, `reject` |
950
+
935
951
 
936
952
  ### AI Agents
937
953
 
954
+
938
955
  | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
939
- |---------------|:----:|:---:|:------:|:------:|:------:|-----------------|
940
- | `agent` | x | x | x | x | x | |
941
- | `agent_run` | x | | | | | |
956
+ | ------------- | ---- | --- | ------ | ------ | ------ | --------------- |
957
+ | `agent` | x | x | x | x | x | |
958
+ | `agent_run` | x | | | | | |
959
+
942
960
 
943
961
  ### Services
944
962
 
963
+
945
964
  | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
946
- |---------------|:----:|:---:|:------:|:------:|:------:|-----------------|
947
- | `service` | x | x | x | x | x | |
965
+ | ------------- | ---- | --- | ------ | ------ | ------ | --------------- |
966
+ | `service` | x | x | x | x | x | |
967
+
948
968
 
949
969
  ### Environments
950
970
 
971
+
951
972
  | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
952
- |---------------|:----:|:---:|:------:|:------:|:------:|-----------------|
953
- | `environment` | x | x | x | x | x | `move_configs` |
973
+ | ------------- | ---- | --- | ------ | ------ | ------ | --------------- |
974
+ | `environment` | x | x | x | x | x | `move_configs` |
975
+
954
976
 
955
977
  ### Connectors
956
978
 
957
- | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
958
- |---------------|:----:|:---:|:------:|:------:|:------:|-----------------|
959
- | `connector` | x | x | x | x | x | `test_connection` |
960
- | `connector_catalogue` | x | | | | | |
979
+
980
+ | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
981
+ | --------------------- | ---- | --- | ------ | ------ | ------ | ----------------- |
982
+ | `connector` | x | x | x | x | x | `test_connection` |
983
+ | `connector_catalogue` | x | | | | | |
984
+
961
985
 
962
986
  ### Infrastructure
963
987
 
964
- | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
965
- |---------------|:----:|:---:|:------:|:------:|:------:|-----------------|
966
- | `infrastructure` | x | x | x | x | x | `move_configs` |
988
+
989
+ | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
990
+ | ---------------- | ---- | --- | ------ | ------ | ------ | --------------- |
991
+ | `infrastructure` | x | x | x | x | x | `move_configs` |
992
+
967
993
 
968
994
  ### Secrets
969
995
 
996
+
970
997
  | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
971
- |---------------|:----:|:---:|:------:|:------:|:------:|-----------------|
972
- | `secret` | x | x | | | | |
998
+ | ------------- | ---- | --- | ------ | ------ | ------ | --------------- |
999
+ | `secret` | x | x | | | | |
1000
+
973
1001
 
974
1002
  ### Execution Logs
975
1003
 
976
- | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
977
- |---------------|:----:|:---:|:------:|:------:|:------:|-----------------|
978
- | `execution_log` | | x | | | | |
1004
+
1005
+ | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1006
+ | --------------- | ---- | --- | ------ | ------ | ------ | --------------- |
1007
+ | `execution_log` | | x | | | | |
1008
+
979
1009
 
980
1010
  ### Audit Trail
981
1011
 
1012
+
982
1013
  | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
983
- |---------------|:----:|:---:|:------:|:------:|:------:|-----------------|
984
- | `audit_event` | x | x | | | | |
1014
+ | ------------- | ---- | --- | ------ | ------ | ------ | --------------- |
1015
+ | `audit_event` | x | x | | | | |
1016
+
985
1017
 
986
1018
  ### Delegates
987
1019
 
988
- | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
989
- |---------------|:----:|:---:|:------:|:------:|:------:|-----------------|
990
- | `delegate` | x | | | | | |
991
- | `delegate_token` | x | x | x | | x | `revoke`, `get_delegates` |
1020
+
1021
+ | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1022
+ | ---------------- | ---- | --- | ------ | ------ | ------ | ------------------------- |
1023
+ | `delegate` | x | | | | | |
1024
+ | `delegate_token` | x | x | x | | x | `revoke`, `get_delegates` |
1025
+
992
1026
 
993
1027
  ### Code Repositories
994
1028
 
995
- | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
996
- |---------------|:----:|:---:|:------:|:------:|:------:|-----------------|
997
- | `repository` | x | x | x | x | | |
998
- | `branch` | x | x | x | | x | |
999
- | `commit` | x | x | | | | `diff`, `diff_stats` |
1000
- | `file_content` | | x | | | | `blame` |
1001
- | `tag` | x | | x | | x | |
1002
- | `repo_rule` | x | x | | | | |
1003
- | `space_rule` | x | x | | | | |
1029
+
1030
+ | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1031
+ | -------------- | ---- | --- | ------ | ------ | ------ | -------------------- |
1032
+ | `repository` | x | x | x | x | | |
1033
+ | `branch` | x | x | x | | x | |
1034
+ | `commit` | x | x | | | | `diff`, `diff_stats` |
1035
+ | `file_content` | | x | | | | `blame` |
1036
+ | `tag` | x | | x | | x | |
1037
+ | `repo_rule` | x | x | | | | |
1038
+ | `space_rule` | x | x | | | | |
1039
+
1004
1040
 
1005
1041
  ### Artifact Registries
1006
1042
 
1007
- | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1008
- |---------------|:----:|:---:|:------:|:------:|:------:|-----------------|
1009
- | `registry` | x | x | | | | |
1010
- | `artifact` | x | | | | | |
1011
- | `artifact_version` | x | | | | | |
1012
- | `artifact_file` | x | | | | | |
1043
+
1044
+ | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1045
+ | ------------------ | ---- | --- | ------ | ------ | ------ | --------------- |
1046
+ | `registry` | x | x | | | | |
1047
+ | `artifact` | x | | | | | |
1048
+ | `artifact_version` | x | | | | | |
1049
+ | `artifact_file` | x | | | | | |
1050
+
1013
1051
 
1014
1052
  ### Templates
1015
1053
 
1054
+
1016
1055
  | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1017
- |---------------|:----:|:---:|:------:|:------:|:------:|-----------------|
1018
- | `template` | x | x | x | x | x | |
1056
+ | ------------- | ---- | --- | ------ | ------ | ------ | --------------- |
1057
+ | `template` | x | x | x | x | x | |
1058
+
1019
1059
 
1020
1060
  ### Dashboards
1021
1061
 
1022
- | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1023
- |---------------|:----:|:---:|:------:|:------:|:------:|-----------------|
1024
- | `dashboard` | x | x | | | | |
1025
- | `dashboard_data` | | x | | | | |
1062
+
1063
+ | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1064
+ | ---------------- | ---- | --- | ------ | ------ | ------ | --------------- |
1065
+ | `dashboard` | x | x | | | | |
1066
+ | `dashboard_data` | | x | | | | |
1067
+
1026
1068
 
1027
1069
  ### Internal Developer Portal (IDP)
1028
1070
 
1029
- | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1030
- |---------------|:----:|:---:|:------:|:------:|:------:|-----------------|
1031
- | `idp_entity` | x | x | | | | |
1032
- | `scorecard` | x | x | | | | |
1033
- | `scorecard_check` | x | x | | | | |
1034
- | `scorecard_stats` | | x | | | | |
1035
- | `scorecard_check_stats` | | x | | | | |
1036
- | `idp_score` | x | x | | | | |
1037
- | `idp_workflow` | x | | | | | `execute` |
1038
- | `idp_tech_doc` | x | | | | | |
1071
+
1072
+ | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1073
+ | ----------------------- | ---- | --- | ------ | ------ | ------ | --------------- |
1074
+ | `idp_entity` | x | x | | | | |
1075
+ | `scorecard` | x | x | | | | |
1076
+ | `scorecard_check` | x | x | | | | |
1077
+ | `scorecard_stats` | | x | | | | |
1078
+ | `scorecard_check_stats` | | x | | | | |
1079
+ | `idp_score` | x | x | | | | |
1080
+ | `idp_workflow` | x | | | | | `execute` |
1081
+ | `idp_tech_doc` | x | | | | | |
1082
+
1039
1083
 
1040
1084
  ### Pull Requests
1041
1085
 
1042
- | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1043
- |---------------|:----:|:---:|:------:|:------:|:------:|-----------------|
1044
- | `pull_request` | x | x | x | x | | `merge` |
1045
- | `pr_reviewer` | x | | x | | | `submit_review` |
1046
- | `pr_comment` | x | | x | | | |
1047
- | `pr_check` | x | | | | | |
1048
- | `pr_activity` | x | | | | | |
1086
+
1087
+ | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1088
+ | -------------- | ---- | --- | ------ | ------ | ------ | --------------- |
1089
+ | `pull_request` | x | x | x | x | | `merge` |
1090
+ | `pr_reviewer` | x | | x | | | `submit_review` |
1091
+ | `pr_comment` | x | | x | | | |
1092
+ | `pr_check` | x | | | | | |
1093
+ | `pr_activity` | x | | | | | |
1094
+
1049
1095
 
1050
1096
  ### Feature Flags
1051
1097
 
1052
- | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1053
- |---------------|:----:|:---:|:------:|:------:|:------:|-----------------|
1054
- | `fme_workspace` | x | | | | | |
1055
- | `fme_environment` | x | | | | | |
1056
- | `fme_feature_flag` | x | x | x | x | x | `kill`, `restore`, `archive`, `unarchive` |
1057
- | `fme_feature_flag_definition` | | x | | | | |
1058
- | `fme_rollout_status` | x | | | | | |
1059
- | `fme_rule_based_segment` | x | x | x | | x | |
1060
- | `fme_rule_based_segment_definition` | x | | | x | | `enable`, `disable`, `change_request` |
1061
- | `feature_flag` | x | x | x | | x | `toggle` |
1062
-
1063
- **FME (Split.io) resources** — `fme_*` resources use the Split.io API (`api.split.io`) and are scoped by workspace ID rather than org/project. Auth uses `HARNESS_API_KEY` as a Bearer token. `fme_feature_flag` supports full lifecycle management: create (requires `traffic_type_id`), list, get, update metadata, delete, and kill/restore/archive/unarchive execute actions. `fme_rule_based_segment` provides CRUD for targeting segments, while `fme_rule_based_segment_definition` manages environment-specific segment rules with enable/disable and change request approval flows. Use `feature_flag` for the Harness CF admin API which supports environment-specific definitions, create, delete, and toggle.
1098
+
1099
+ | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1100
+ | ----------------------------------- | ---- | --- | ------ | ------ | ------ | ----------------------------------------- |
1101
+ | `fme_workspace` | x | | | | | |
1102
+ | `fme_environment` | x | | | | | |
1103
+ | `fme_feature_flag` | x | x | x | x | x | `kill`, `restore`, `archive`, `unarchive` |
1104
+ | `fme_feature_flag_definition` | | x | | | | |
1105
+ | `fme_rollout_status` | x | | | | | |
1106
+ | `fme_rule_based_segment` | x | x | x | | x | |
1107
+ | `fme_rule_based_segment_definition` | x | | | x | | `enable`, `disable`, `change_request` |
1108
+ | `feature_flag` | x | x | x | | x | `toggle` |
1109
+
1110
+
1111
+ **FME (Split.io) resources** — `fme_`* resources use the Split.io API (`api.split.io`) and are scoped by workspace ID rather than org/project. Auth uses `HARNESS_API_KEY` as a Bearer token. `fme_feature_flag` supports full lifecycle management: create (requires `traffic_type_id`), list, get, update metadata, delete, and kill/restore/archive/unarchive execute actions. `fme_rule_based_segment` provides CRUD for targeting segments, while `fme_rule_based_segment_definition` manages environment-specific segment rules with enable/disable and change request approval flows. Use `feature_flag` for the Harness CF admin API which supports environment-specific definitions, create, delete, and toggle.
1064
1112
 
1065
1113
  ### GitOps
1066
1114
 
1067
- | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1068
- |---------------|:----:|:---:|:------:|:------:|:------:|-----------------|
1069
- | `gitops_agent` | x | x | | | | |
1070
- | `gitops_application` | x | x | | | | `sync` |
1071
- | `gitops_cluster` | x | x | | | | |
1072
- | `gitops_repository` | x | x | | | | |
1073
- | `gitops_applicationset` | x | x | | | | |
1074
- | `gitops_repo_credential` | x | x | | | | |
1075
- | `gitops_app_event` | x | | | | | |
1076
- | `gitops_pod_log` | | x | | | | |
1077
- | `gitops_managed_resource` | x | | | | | |
1078
- | `gitops_resource_action` | x | | | | | |
1079
- | `gitops_dashboard` | | x | | | | |
1080
- | `gitops_app_resource_tree` | | x | | | | |
1115
+
1116
+ | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1117
+ | -------------------------- | ---- | --- | ------ | ------ | ------ | --------------- |
1118
+ | `gitops_agent` | x | x | | | | |
1119
+ | `gitops_application` | x | x | | | | `sync` |
1120
+ | `gitops_cluster` | x | x | | | | |
1121
+ | `gitops_repository` | x | x | | | | |
1122
+ | `gitops_applicationset` | x | x | | | | |
1123
+ | `gitops_repo_credential` | x | x | | | | |
1124
+ | `gitops_app_event` | x | | | | | |
1125
+ | `gitops_pod_log` | | x | | | | |
1126
+ | `gitops_managed_resource` | x | | | | | |
1127
+ | `gitops_resource_action` | x | | | | | |
1128
+ | `gitops_dashboard` | | x | | | | |
1129
+ | `gitops_app_resource_tree` | | x | | | | |
1130
+
1081
1131
 
1082
1132
  ### Chaos Engineering
1083
1133
 
1084
- | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1085
- |---------------|:----:|:---:|:------:|:------:|:------:|-----------------|
1086
- | `chaos_experiment` | x | x | | | | `run` |
1087
- | `chaos_probe` | x | x | | | | `enable`, `verify` |
1088
- | `chaos_experiment_template` | x | | | | | `create_from_template` |
1089
- | `chaos_infrastructure` | x | | | | | |
1090
- | `chaos_experiment_variable` | x | | | | | |
1091
- | `chaos_experiment_run` | x | x | | | | |
1092
- | `chaos_loadtest` | x | x | x | | x | `run`, `stop` |
1093
- | `chaos_k8s_infrastructure` | x | x | | | | `check_health` |
1094
- | `chaos_hub` | x | x | | | | |
1095
- | `chaos_fault` | x | x | | | | |
1096
- | `chaos_network_map` | x | x | | | | |
1097
- | `chaos_guard_condition` | x | x | | | | |
1098
- | `chaos_guard_rule` | x | x | | | | |
1099
- | `chaos_recommendation` | x | x | | | | |
1100
- | `chaos_risk` | x | x | | | | |
1134
+
1135
+ | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1136
+ | --------------------------- | ---- | --- | ------ | ------ | ------ | ---------------------- |
1137
+ | `chaos_experiment` | x | x | | | | `run` |
1138
+ | `chaos_probe` | x | x | | | | `enable`, `verify` |
1139
+ | `chaos_experiment_template` | x | | | | | `create_from_template` |
1140
+ | `chaos_infrastructure` | x | | | | | |
1141
+ | `chaos_experiment_variable` | x | | | | | |
1142
+ | `chaos_experiment_run` | x | x | | | | |
1143
+ | `chaos_loadtest` | x | x | x | | x | `run`, `stop` |
1144
+ | `chaos_k8s_infrastructure` | x | x | | | | `check_health` |
1145
+ | `chaos_hub` | x | x | | | | |
1146
+ | `chaos_fault` | x | x | | | | |
1147
+ | `chaos_network_map` | x | x | | | | |
1148
+ | `chaos_guard_condition` | x | x | | | | |
1149
+ | `chaos_guard_rule` | x | x | | | | |
1150
+ | `chaos_recommendation` | x | x | | | | |
1151
+ | `chaos_risk` | x | x | | | | |
1152
+
1101
1153
 
1102
1154
  ### Cloud Cost Management (CCM)
1103
1155
 
1104
- | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1105
- |---------------|:----:|:---:|:------:|:------:|:------:|-----------------|
1106
- | `cost_perspective` | x | x | x | x | x | |
1107
- | `cost_breakdown` | x | | | | | |
1108
- | `cost_timeseries` | x | | | | | |
1109
- | `cost_summary` | x | x | | | | |
1110
- | `cost_recommendation` | x | x | | | | `update_state`, `override_savings`, `create_jira_ticket`, `create_snow_ticket` |
1111
- | `cost_anomaly` | x | | | | | |
1112
- | `cost_anomaly_summary` | | x | | | | |
1113
- | `cost_category` | x | x | | | | |
1114
- | `cost_account_overview` | | x | | | | |
1115
- | `cost_filter_value` | x | | | | | |
1116
- | `cost_recommendation_stats` | | x | | | | |
1117
- | `cost_recommendation_detail` | | x | | | | |
1118
- | `cost_commitment` | | x | | | | |
1156
+
1157
+ | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1158
+ | ---------------------------- | ---- | --- | ------ | ------ | ------ | ------------------------------------------------------------------------------ |
1159
+ | `cost_perspective` | x | x | x | x | x | |
1160
+ | `cost_breakdown` | x | | | | | |
1161
+ | `cost_timeseries` | x | | | | | |
1162
+ | `cost_summary` | x | x | | | | |
1163
+ | `cost_recommendation` | x | x | | | | `update_state`, `override_savings`, `create_jira_ticket`, `create_snow_ticket` |
1164
+ | `cost_anomaly` | x | | | | | |
1165
+ | `cost_anomaly_summary` | | x | | | | |
1166
+ | `cost_category` | x | x | | | | |
1167
+ | `cost_account_overview` | | x | | | | |
1168
+ | `cost_filter_value` | x | | | | | |
1169
+ | `cost_recommendation_stats` | | x | | | | |
1170
+ | `cost_recommendation_detail` | | x | | | | |
1171
+ | `cost_commitment` | | x | | | | |
1172
+
1119
1173
 
1120
1174
  ### Software Engineering Insights (SEI)
1121
1175
 
1122
1176
  SEI resources are consolidated for token efficiency. Use `metric` or `aspect` params for DORA, team/org-tree details, and AI insights.
1123
1177
 
1124
- | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1125
- |---------------|:----:|:---:|:------:|:------:|:------:|-----------------|
1126
- | `sei_metric` | x | | | | | |
1127
- | `sei_productivity_metric` | | x | | | | |
1128
- | `sei_dora_metric` | | x | | | | Pass `metric`: deployment_frequency, change_failure_rate, mttr, lead_time, or *_drilldown |
1129
- | `sei_team` | x | x | | | | |
1130
- | `sei_team_detail` | x | | | | | Pass `aspect`: integrations, developers, integration_filters |
1131
- | `sei_org_tree` | x | x | | | | |
1132
- | `sei_org_tree_detail` | x | x | | | | Pass `aspect`: efficiency_profile, productivity_profile, business_alignment_profile, integrations, teams |
1133
- | `sei_business_alignment` | x | x | | | | Pass `aspect`: feature_metrics, feature_summary, drilldown for get |
1134
- | `sei_ai_usage` | x | x | | | | Pass `aspect`: metrics, breakdown, summary, top_languages |
1135
- | `sei_ai_adoption` | x | x | | | | Pass `aspect`: metrics, breakdown, summary |
1136
- | `sei_ai_impact` | | x | | | | Pass `aspect`: pr_velocity, rework |
1137
- | `sei_ai_raw_metric` | x | | | | | |
1178
+
1179
+ | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1180
+ | ------------------------- | ---- | --- | ------ | ------ | ------ | -------------------------------------------------------------------------------------------------------- |
1181
+ | `sei_metric` | x | | | | | |
1182
+ | `sei_productivity_metric` | | x | | | | |
1183
+ | `sei_dora_metric` | | x | | | | Pass `metric`: deployment_frequency, change_failure_rate, mttr, lead_time, or *_drilldown |
1184
+ | `sei_team` | x | x | | | | |
1185
+ | `sei_team_detail` | x | | | | | Pass `aspect`: integrations, developers, integration_filters |
1186
+ | `sei_org_tree` | x | x | | | | |
1187
+ | `sei_org_tree_detail` | x | x | | | | Pass `aspect`: efficiency_profile, productivity_profile, business_alignment_profile, integrations, teams |
1188
+ | `sei_business_alignment` | x | x | | | | Pass `aspect`: feature_metrics, feature_summary, drilldown for get |
1189
+ | `sei_ai_usage` | x | x | | | | Pass `aspect`: metrics, breakdown, summary, top_languages |
1190
+ | `sei_ai_adoption` | x | x | | | | Pass `aspect`: metrics, breakdown, summary |
1191
+ | `sei_ai_impact` | | x | | | | Pass `aspect`: pr_velocity, rework |
1192
+ | `sei_ai_raw_metric` | x | | | | | |
1193
+
1138
1194
 
1139
1195
  ### Software Supply Chain Assurance (SCS)
1140
1196
 
1141
- | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1142
- |---------------|:----:|:---:|:------:|:------:|:------:|-----------------|
1143
- | `scs_artifact_source` | x | | | | | |
1144
- | `artifact_security` | x | x | | | | |
1145
- | `scs_artifact_component` | x | | | | | |
1146
- | `scs_artifact_remediation` | | x | | | | |
1147
- | `scs_chain_of_custody` | | x | | | | |
1148
- | `scs_compliance_result` | x | | | | | |
1149
- | `code_repo_security` | x | x | | | | |
1150
- | `scs_sbom` | | x | | | | |
1197
+
1198
+ | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1199
+ | -------------------------- | ---- | --- | ------ | ------ | ------ | --------------- |
1200
+ | `scs_artifact_source` | x | | | | | |
1201
+ | `artifact_security` | x | x | | | | |
1202
+ | `scs_artifact_component` | x | | | | | |
1203
+ | `scs_artifact_remediation` | | x | | | | |
1204
+ | `scs_chain_of_custody` | | x | | | | |
1205
+ | `scs_compliance_result` | x | | | | | |
1206
+ | `code_repo_security` | x | x | | | | |
1207
+ | `scs_sbom` | | x | | | | |
1208
+
1151
1209
 
1152
1210
  ### Security Testing Orchestration (STO)
1153
1211
 
1154
- | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1155
- |---------------|:----:|:---:|:------:|:------:|:------:|-----------------|
1156
- | `security_issue` | x | | | | | |
1157
- | `security_issue_filter` | x | | | | | |
1158
- | `security_exemption` | x | | | | | `approve`, `reject`, `promote` |
1212
+
1213
+ | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1214
+ | ----------------------- | ---- | --- | ------ | ------ | ------ | ------------------------------ |
1215
+ | `security_issue` | x | | | | | |
1216
+ | `security_issue_filter` | x | | | | | |
1217
+ | `security_exemption` | x | | | | | `approve`, `reject`, `promote` |
1218
+
1159
1219
 
1160
1220
  ### Access Control
1161
1221
 
1162
- | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1163
- |---------------|:----:|:---:|:------:|:------:|:------:|-----------------|
1164
- | `user` | x | x | | | | |
1165
- | `user_group` | x | x | x | | x | |
1166
- | `service_account` | x | x | x | | x | |
1167
- | `role` | x | x | x | | x | |
1168
- | `role_assignment` | x | | x | | | |
1169
- | `resource_group` | x | x | x | | x | |
1170
- | `permission` | x | | | | | |
1222
+
1223
+ | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1224
+ | ----------------- | ---- | --- | ------ | ------ | ------ | --------------- |
1225
+ | `user` | x | x | | | | |
1226
+ | `user_group` | x | x | x | | x | |
1227
+ | `service_account` | x | x | x | | x | |
1228
+ | `role` | x | x | x | | x | |
1229
+ | `role_assignment` | x | | x | | | |
1230
+ | `resource_group` | x | x | x | | x | |
1231
+ | `permission` | x | | | | | |
1232
+
1171
1233
 
1172
1234
  ### Governance
1173
1235
 
1174
- | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1175
- |---------------|:----:|:---:|:------:|:------:|:------:|-----------------|
1176
- | `policy` | x | x | x | x | x | |
1177
- | `policy_set` | x | x | x | x | x | |
1178
- | `policy_evaluation` | x | x | | | | |
1236
+
1237
+ | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1238
+ | ------------------- | ---- | --- | ------ | ------ | ------ | --------------- |
1239
+ | `policy` | x | x | x | x | x | |
1240
+ | `policy_set` | x | x | x | x | x | |
1241
+ | `policy_evaluation` | x | x | | | | |
1242
+
1179
1243
 
1180
1244
  ### Deployment Freeze
1181
1245
 
1182
- | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1183
- |---------------|:----:|:---:|:------:|:------:|:------:|-----------------|
1184
- | `freeze_window` | x | x | x | x | x | `toggle_status` |
1185
- | `global_freeze` | | x | | | | `manage` |
1246
+
1247
+ | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1248
+ | --------------- | ---- | --- | ------ | ------ | ------ | --------------- |
1249
+ | `freeze_window` | x | x | x | x | x | `toggle_status` |
1250
+ | `global_freeze` | | x | | | | `manage` |
1251
+
1186
1252
 
1187
1253
  ### Service Overrides
1188
1254
 
1189
- | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1190
- |---------------|:----:|:---:|:------:|:------:|:------:|-----------------|
1191
- | `service_override` | x | x | x | x | x | |
1255
+
1256
+ | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1257
+ | ------------------ | ---- | --- | ------ | ------ | ------ | --------------- |
1258
+ | `service_override` | x | x | x | x | x | |
1259
+
1192
1260
 
1193
1261
  ### Settings
1194
1262
 
1263
+
1195
1264
  | Resource Type | List | Get | Create | Update | Delete | Execute Actions |
1196
- |---------------|:----:|:---:|:------:|:------:|:------:|-----------------|
1197
- | `setting` | x | | | | | |
1265
+ | ------------- | ---- | --- | ------ | ------ | ------ | --------------- |
1266
+ | `setting` | x | | | | | |
1267
+
1198
1268
 
1199
1269
  ### Visualizations
1200
1270
 
1201
1271
  Inline PNG chart visualizations rendered from Harness data. These are metadata-only resource types with no API operations — they exist so the LLM can discover available chart types via `harness_describe`. Use `include_visual=true` on supported tools (`harness_diagnose`, `harness_list`, `harness_status`) to generate charts.
1202
1272
 
1203
- | Resource Type | Description | How to Generate |
1204
- |---------------|-------------|-----------------|
1205
- | `visual_timeline` | Gantt chart of pipeline stage execution over time | `harness_diagnose` with `visual_type: "timeline"` |
1206
- | `visual_stage_flow` | DAG flowchart of pipeline stages and steps | `harness_diagnose` with `visual_type: "flow"` |
1207
- | `visual_health_dashboard` | Project health overview with status indicators | `harness_status` with `include_visual: true` |
1208
- | `visual_pie_chart` | Donut chart of execution status breakdown | `harness_list` with `visual_type: "pie"` |
1209
- | `visual_bar_chart` | Bar chart of execution counts by pipeline | `harness_list` with `visual_type: "bar"` |
1210
- | `visual_timeseries` | Daily execution trend over 30 days | `harness_list` with `visual_type: "timeseries"` |
1211
- | `visual_architecture` | Pipeline YAML architecture diagram (stages → steps) | `harness_diagnose` with `visual_type: "architecture"` |
1273
+
1274
+ | Resource Type | Description | How to Generate |
1275
+ | ------------------------- | --------------------------------------------------- | ----------------------------------------------------- |
1276
+ | `visual_timeline` | Gantt chart of pipeline stage execution over time | `harness_diagnose` with `visual_type: "timeline"` |
1277
+ | `visual_stage_flow` | DAG flowchart of pipeline stages and steps | `harness_diagnose` with `visual_type: "flow"` |
1278
+ | `visual_health_dashboard` | Project health overview with status indicators | `harness_status` with `include_visual: true` |
1279
+ | `visual_pie_chart` | Donut chart of execution status breakdown | `harness_list` with `visual_type: "pie"` |
1280
+ | `visual_bar_chart` | Bar chart of execution counts by pipeline | `harness_list` with `visual_type: "bar"` |
1281
+ | `visual_timeseries` | Daily execution trend over 30 days | `harness_list` with `visual_type: "timeseries"` |
1282
+ | `visual_architecture` | Pipeline YAML architecture diagram (stages → steps) | `harness_diagnose` with `visual_type: "architecture"` |
1283
+
1212
1284
 
1213
1285
  ## MCP Prompts
1214
1286
 
1215
1287
  ### DevOps
1216
1288
 
1217
- | Prompt | Description | Parameters |
1218
- |--------|-------------|------------|
1219
- | `build-deploy-app` | End-to-end CI/CD workflow: scan a git repo, generate CI pipeline (build & push Docker image), discover or generate K8s manifests, create CD pipeline, and deploy — with auto-retry on CI failures (up to 5 attempts) and CD failures (up to 3 attempts with user permission). On exhausted retries, provides Harness UI deep links to all created resources for manual investigation. | `repoUrl` (required), `imageName` (required), `projectId` (optional), `namespace` (optional) |
1220
- | `debug-pipeline-failure` | Analyze a failed execution: accepts an execution ID, pipeline ID, or Harness URL. Gets stage/step breakdown, failure details, delegate info, and failed step logs via `harness_diagnose`, then provides root cause analysis and suggested fixes. Automatically follows chained pipeline failures. | `executionId` (optional), `projectId` (optional) |
1221
- | `create-pipeline` | Generate a new pipeline YAML from natural language requirements, reviewing existing resources for context | `description` (required), `projectId` (optional) |
1222
- | `create-agent` | Interactively build a Harness AI agent check existing agents, gather requirements, generate agent YAML spec using the agent-pipeline schema, confirm with user, then create or update via `harness_create`/`harness_update` | `agent_name` (required), `task_description` (required), `org_id` (optional), `project_id` (optional) |
1223
- | `onboard-service` | Walk through onboarding a new service with environments and a deployment pipeline | `serviceName` (required), `projectId` (optional) |
1224
- | `dora-metrics-review` | Review DORA metrics (deployment frequency, change failure rate, MTTR, lead time) with Elite/High/Medium/Low classification and improvement recommendations | `teamRefId` (optional), `dateStart` (optional), `dateEnd` (optional) |
1225
- | `setup-gitops-application` | Guide through onboarding a GitOps application verify agent, cluster, repo, and create the application | `agentId` (required), `projectId` (optional) |
1226
- | `chaos-resilience-test` | Design a chaos experiment to test service resilience with fault injection, probes, and expected outcomes | `serviceName` (required), `projectId` (optional) |
1227
- | `feature-flag-rollout` | Plan and execute a progressive feature flag rollout across environments with safety gates | `flagIdentifier` (required), `projectId` (optional) |
1228
- | `migrate-pipeline-to-template` | Analyze an existing pipeline and extract reusable stage/step templates from it | `pipelineId` (required), `projectId` (optional) |
1229
- | `delegate-health-check` | Check delegate connectivity, health, token status, and troubleshoot infrastructure issues | `projectId` (optional) |
1230
- | `developer-portal-scorecard` | Review IDP scorecards for services and identify gaps to improve developer experience | `projectId` (optional) |
1231
- | `pending-approvals` | Find pipeline executions waiting for approval, show details, and offer to approve or reject | `projectId` (optional), `orgId` (optional), `pipelineId` (optional) |
1289
+
1290
+ | Prompt | Description | Parameters |
1291
+ | ------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------- |
1292
+ | `build-deploy-app` | End-to-end CI/CD workflow: scan a git repo, generate CI pipeline (build & push Docker image), discover or generate K8s manifests, create CD pipeline, and deploy with auto-retry on CI failures (up to 5 attempts) and CD failures (up to 3 attempts with user permission). On exhausted retries, provides Harness UI deep links to all created resources for manual investigation. | `repoUrl` (required), `imageName` (required), `projectId` (optional), `namespace` (optional) |
1293
+ | `debug-pipeline-failure` | Analyze a failed execution: accepts an execution ID, pipeline ID, or Harness URL. Gets stage/step breakdown, failure details, delegate info, and failed step logs via `harness_diagnose`, then provides root cause analysis and suggested fixes. Automatically follows chained pipeline failures. | `executionId` (optional), `projectId` (optional) |
1294
+ | `create-pipeline` | Generate a new pipeline YAML from natural language requirements, reviewing existing resources for context | `description` (required), `projectId` (optional) |
1295
+ | `create-agent` | Interactively build a Harness AI agent check existing agents, gather requirements, generate agent YAML spec using the agent-pipeline schema, confirm with user, then create or update via `harness_create`/`harness_update` | `agent_name` (required), `task_description` (required), `org_id` (optional), `project_id` (optional) |
1296
+ | `onboard-service` | Walk through onboarding a new service with environments and a deployment pipeline | `serviceName` (required), `projectId` (optional) |
1297
+ | `dora-metrics-review` | Review DORA metrics (deployment frequency, change failure rate, MTTR, lead time) with Elite/High/Medium/Low classification and improvement recommendations | `teamRefId` (optional), `dateStart` (optional), `dateEnd` (optional) |
1298
+ | `setup-gitops-application` | Guide through onboarding a GitOps application verify agent, cluster, repo, and create the application | `agentId` (required), `projectId` (optional) |
1299
+ | `chaos-resilience-test` | Design a chaos experiment to test service resilience with fault injection, probes, and expected outcomes | `serviceName` (required), `projectId` (optional) |
1300
+ | `feature-flag-rollout` | Plan and execute a progressive feature flag rollout across environments with safety gates | `flagIdentifier` (required), `projectId` (optional) |
1301
+ | `migrate-pipeline-to-template` | Analyze an existing pipeline and extract reusable stage/step templates from it | `pipelineId` (required), `projectId` (optional) |
1302
+ | `delegate-health-check` | Check delegate connectivity, health, token status, and troubleshoot infrastructure issues | `projectId` (optional) |
1303
+ | `developer-portal-scorecard` | Review IDP scorecards for services and identify gaps to improve developer experience | `projectId` (optional) |
1304
+ | `pending-approvals` | Find pipeline executions waiting for approval, show details, and offer to approve or reject | `projectId` (optional), `orgId` (optional), `pipelineId` (optional) |
1305
+
1232
1306
 
1233
1307
  ### FinOps
1234
1308
 
1235
- | Prompt | Description | Parameters |
1236
- |--------|-------------|------------|
1237
- | `optimize-costs` | Analyze cloud cost data, surface recommendations and anomalies, prioritized by potential savings | `projectId` (optional) |
1238
- | `cloud-cost-breakdown` | Deep-dive into cloud costs by service, environment, or cluster with trend analysis and anomaly detection | `perspectiveId` (optional), `projectId` (optional) |
1239
- | `commitment-utilization-review` | Analyze reserved instance and savings plan utilization to find waste and optimize commitments | `projectId` (optional) |
1240
- | `cost-anomaly-investigation` | Investigate cost anomalies determine root cause, impacted resources, and remediation | `projectId` (optional) |
1241
- | `rightsizing-recommendations` | Review and prioritize rightsizing recommendations, optionally create Jira or ServiceNow tickets | `projectId` (optional), `minSavings` (optional) |
1309
+
1310
+ | Prompt | Description | Parameters |
1311
+ | ------------------------------- | -------------------------------------------------------------------------------------------------------- | -------------------------------------------------- |
1312
+ | `optimize-costs` | Analyze cloud cost data, surface recommendations and anomalies, prioritized by potential savings | `projectId` (optional) |
1313
+ | `cloud-cost-breakdown` | Deep-dive into cloud costs by service, environment, or cluster with trend analysis and anomaly detection | `perspectiveId` (optional), `projectId` (optional) |
1314
+ | `commitment-utilization-review` | Analyze reserved instance and savings plan utilization to find waste and optimize commitments | `projectId` (optional) |
1315
+ | `cost-anomaly-investigation` | Investigate cost anomalies determine root cause, impacted resources, and remediation | `projectId` (optional) |
1316
+ | `rightsizing-recommendations` | Review and prioritize rightsizing recommendations, optionally create Jira or ServiceNow tickets | `projectId` (optional), `minSavings` (optional) |
1317
+
1242
1318
 
1243
1319
  ### DevSecOps
1244
1320
 
1245
- | Prompt | Description | Parameters |
1246
- |--------|-------------|------------|
1247
- | `security-review` | Review security issues across Harness resources and suggest remediations by severity | `projectId` (optional), `severity` (optional, default: `critical,high`) |
1248
- | `vulnerability-triage` | Triage security vulnerabilities across pipelines and artifacts, prioritize by severity and exploitability | `projectId` (optional), `severity` (optional) |
1249
- | `sbom-compliance-check` | Audit SBOM and compliance posture for artifacts — license risks, policy violations, component vulnerabilities | `artifactId` (optional), `projectId` (optional) |
1250
- | `supply-chain-audit` | End-to-end software supply chain security auditprovenance, chain of custody, policy compliance | `projectId` (optional) |
1251
- | `security-exemption-review` | Review pending security exemptions and make batch approval or rejection decisions | `projectId` (optional) |
1252
- | `access-control-audit` | Audit user permissions, over-privileged accounts, and role assignments to enforce least-privilege | `projectId` (optional), `orgId` (optional) |
1321
+
1322
+ | Prompt | Description | Parameters |
1323
+ | --------------------------- | ------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------- |
1324
+ | `security-review` | Review security issues across Harness resources and suggest remediations by severity | `projectId` (optional), `severity` (optional, default: `critical,high`) |
1325
+ | `vulnerability-triage` | Triage security vulnerabilities across pipelines and artifacts, prioritize by severity and exploitability | `projectId` (optional), `severity` (optional) |
1326
+ | `sbom-compliance-check` | Audit SBOM and compliance posture for artifacts license risks, policy violations, component vulnerabilities | `artifactId` (optional), `projectId` (optional) |
1327
+ | `supply-chain-audit` | End-to-end software supply chain security audit provenance, chain of custody, policy compliance | `projectId` (optional) |
1328
+ | `security-exemption-review` | Review pending security exemptions and make batch approval or rejection decisions | `projectId` (optional) |
1329
+ | `access-control-audit` | Audit user permissions, over-privileged accounts, and role assignments to enforce least-privilege | `projectId` (optional), `orgId` (optional) |
1330
+
1253
1331
 
1254
1332
  ### Harness Code
1255
1333
 
1256
- | Prompt | Description | Parameters |
1257
- |--------|-------------|------------|
1258
- | `code-review` | Review a pull request — analyze diff, commits, checks, and comments to provide structured feedback on bugs, security, performance, and style | `repoId` (required), `prNumber` (required), `projectId` (optional) |
1259
- | `pr-summary` | Auto-generate a PR title and description from the commit history and diff of a branch | `repoId` (required), `sourceBranch` (required), `targetBranch` (optional, default: main), `projectId` (optional) |
1260
- | `branch-cleanup` | Analyze branches in a repository and recommend stale or merged branches to delete | `repoId` (required), `projectId` (optional) |
1334
+
1335
+ | Prompt | Description | Parameters |
1336
+ | ---------------- | -------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------- |
1337
+ | `code-review` | Review a pull request — analyze diff, commits, checks, and comments to provide structured feedback on bugs, security, performance, and style | `repoId` (required), `prNumber` (required), `projectId` (optional) |
1338
+ | `pr-summary` | Auto-generate a PR title and description from the commit history and diff of a branch | `repoId` (required), `sourceBranch` (required), `targetBranch` (optional, default: main), `projectId` (optional) |
1339
+ | `branch-cleanup` | Analyze branches in a repository and recommend stale or merged branches to delete | `repoId` (required), `projectId` (optional) |
1340
+
1261
1341
 
1262
1342
  ## MCP Resources
1263
1343
 
1264
- | Resource URI | Description | MIME Type |
1265
- |--------------|-------------|-----------|
1266
- | `pipeline:///{pipelineId}` | Pipeline YAML definition | `application/x-yaml` |
1267
- | `pipeline:///{orgId}/{projectId}/{pipelineId}` | Pipeline YAML (with explicit scope) | `application/x-yaml` |
1268
- | `executions:///recent` | Last 10 pipeline execution summaries | `application/json` |
1269
- | `schema:///pipeline` | Harness pipeline JSON Schema | `application/schema+json` |
1270
- | `schema:///template` | Harness template JSON Schema | `application/schema+json` |
1271
- | `schema:///trigger` | Harness trigger JSON Schema | `application/schema+json` |
1272
- | `schema:///pipeline_v1` **(Alpha)** | Harness V1 pipeline JSON Schema (simplified stages/steps format) | `application/schema+json` |
1273
- | `schema:///agent-pipeline` | Harness AI agent pipeline JSON Schema | `application/schema+json` |
1344
+
1345
+ | Resource URI | Description | MIME Type |
1346
+ | ---------------------------------------------- | ---------------------------------------------------------------- | ------------------------- |
1347
+ | `pipeline:///{pipelineId}` | Pipeline YAML definition | `application/x-yaml` |
1348
+ | `pipeline:///{orgId}/{projectId}/{pipelineId}` | Pipeline YAML (with explicit scope) | `application/x-yaml` |
1349
+ | `executions:///recent` | Last 10 pipeline execution summaries | `application/json` |
1350
+ | `schema:///pipeline` | Harness pipeline JSON Schema | `application/schema+json` |
1351
+ | `schema:///template` | Harness template JSON Schema | `application/schema+json` |
1352
+ | `schema:///trigger` | Harness trigger JSON Schema | `application/schema+json` |
1353
+ | `schema:///pipeline_v1` **(Alpha)** | Harness V1 pipeline JSON Schema (simplified stages/steps format) | `application/schema+json` |
1354
+ | `schema:///agent-pipeline` | Harness AI agent pipeline JSON Schema | `application/schema+json` |
1355
+
1274
1356
 
1275
1357
  ## Toolset Filtering
1276
1358
 
@@ -1283,38 +1365,40 @@ HARNESS_TOOLSETS=pipelines,services,connectors
1283
1365
 
1284
1366
  Available toolset names:
1285
1367
 
1286
- | Toolset | Resource Types |
1287
- |---------|---------------|
1288
- | `platform` | organization, project |
1289
- | `pipelines` | pipeline, pipeline_v1, execution, trigger, pipeline_summary, input_set, approval_instance |
1290
- | `agent-pipelines` | agent, agent_run |
1291
- | `services` | service |
1292
- | `environments` | environment |
1293
- | `connectors` | connector, connector_catalogue |
1294
- | `infrastructure` | infrastructure |
1295
- | `secrets` | secret |
1296
- | `logs` | execution_log |
1297
- | `audit` | audit_event |
1298
- | `delegates` | delegate, delegate_token |
1299
- | `repositories` | repository, branch, commit, file_content, tag, repo_rule, space_rule |
1300
- | `registries` | registry, artifact, artifact_version, artifact_file |
1301
- | `templates` | template |
1302
- | `dashboards` | dashboard, dashboard_data |
1303
- | `idp` | idp_entity, scorecard, scorecard_check, scorecard_stats, scorecard_check_stats, idp_score, idp_workflow, idp_tech_doc |
1304
- | `pull-requests` | pull_request, pr_reviewer, pr_comment, pr_check, pr_activity |
1305
- | `feature-flags` | fme_workspace, fme_environment, fme_feature_flag, fme_feature_flag_definition, fme_rollout_status, fme_rule_based_segment, fme_rule_based_segment_definition, feature_flag |
1306
- | `gitops` | gitops_agent, gitops_application, gitops_cluster, gitops_repository, gitops_applicationset, gitops_repo_credential, gitops_app_event, gitops_pod_log, gitops_managed_resource, gitops_resource_action, gitops_dashboard, gitops_app_resource_tree |
1307
- | `chaos` | chaos_experiment, chaos_probe, chaos_experiment_template, chaos_infrastructure, chaos_experiment_variable, chaos_experiment_run, chaos_loadtest, chaos_k8s_infrastructure, chaos_hub, chaos_fault, chaos_network_map, chaos_guard_condition, chaos_guard_rule, chaos_recommendation, chaos_risk |
1308
- | `ccm` | cost_perspective, cost_breakdown, cost_timeseries, cost_summary, cost_recommendation, cost_anomaly, cost_anomaly_summary, cost_category, cost_account_overview, cost_filter_value, cost_recommendation_stats, cost_recommendation_detail, cost_commitment |
1309
- | `sei` | sei_metric, sei_productivity_metric, sei_dora_metric, sei_team, sei_team_detail, sei_org_tree, sei_org_tree_detail, sei_business_alignment, sei_ai_usage, sei_ai_adoption, sei_ai_impact, sei_ai_raw_metric |
1310
- | `scs` | scs_artifact_source, artifact_security, scs_artifact_component, scs_artifact_remediation, scs_chain_of_custody, scs_compliance_result, code_repo_security, scs_sbom |
1311
- | `sto` | security_issue, security_issue_filter, security_exemption |
1312
- | `access_control` | user, user_group, service_account, role, role_assignment, resource_group, permission |
1313
- | `governance` | policy, policy_set, policy_evaluation |
1314
- | `freeze` | freeze_window, global_freeze |
1315
- | `overrides` | service_override |
1316
- | `settings` | setting |
1317
- | `visualizations` | visual_timeline, visual_stage_flow, visual_health_dashboard, visual_pie_chart, visual_bar_chart, visual_timeseries, visual_architecture |
1368
+
1369
+ | Toolset | Resource Types |
1370
+ | ----------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
1371
+ | `platform` | organization, project |
1372
+ | `pipelines` | pipeline, pipeline_v1, execution, trigger, pipeline_summary, input_set, approval_instance |
1373
+ | `agent-pipelines` | agent, agent_run |
1374
+ | `services` | service |
1375
+ | `environments` | environment |
1376
+ | `connectors` | connector, connector_catalogue |
1377
+ | `infrastructure` | infrastructure |
1378
+ | `secrets` | secret |
1379
+ | `logs` | execution_log |
1380
+ | `audit` | audit_event |
1381
+ | `delegates` | delegate, delegate_token |
1382
+ | `repositories` | repository, branch, commit, file_content, tag, repo_rule, space_rule |
1383
+ | `registries` | registry, artifact, artifact_version, artifact_file |
1384
+ | `templates` | template |
1385
+ | `dashboards` | dashboard, dashboard_data |
1386
+ | `idp` | idp_entity, scorecard, scorecard_check, scorecard_stats, scorecard_check_stats, idp_score, idp_workflow, idp_tech_doc |
1387
+ | `pull-requests` | pull_request, pr_reviewer, pr_comment, pr_check, pr_activity |
1388
+ | `feature-flags` | fme_workspace, fme_environment, fme_feature_flag, fme_feature_flag_definition, fme_rollout_status, fme_rule_based_segment, fme_rule_based_segment_definition, feature_flag |
1389
+ | `gitops` | gitops_agent, gitops_application, gitops_cluster, gitops_repository, gitops_applicationset, gitops_repo_credential, gitops_app_event, gitops_pod_log, gitops_managed_resource, gitops_resource_action, gitops_dashboard, gitops_app_resource_tree |
1390
+ | `chaos` | chaos_experiment, chaos_probe, chaos_experiment_template, chaos_infrastructure, chaos_experiment_variable, chaos_experiment_run, chaos_loadtest, chaos_k8s_infrastructure, chaos_hub, chaos_fault, chaos_network_map, chaos_guard_condition, chaos_guard_rule, chaos_recommendation, chaos_risk |
1391
+ | `ccm` | cost_perspective, cost_breakdown, cost_timeseries, cost_summary, cost_recommendation, cost_anomaly, cost_anomaly_summary, cost_category, cost_account_overview, cost_filter_value, cost_recommendation_stats, cost_recommendation_detail, cost_commitment |
1392
+ | `sei` | sei_metric, sei_productivity_metric, sei_dora_metric, sei_team, sei_team_detail, sei_org_tree, sei_org_tree_detail, sei_business_alignment, sei_ai_usage, sei_ai_adoption, sei_ai_impact, sei_ai_raw_metric |
1393
+ | `scs` | scs_artifact_source, artifact_security, scs_artifact_component, scs_artifact_remediation, scs_chain_of_custody, scs_compliance_result, code_repo_security, scs_sbom |
1394
+ | `sto` | security_issue, security_issue_filter, security_exemption |
1395
+ | `access_control` | user, user_group, service_account, role, role_assignment, resource_group, permission |
1396
+ | `governance` | policy, policy_set, policy_evaluation |
1397
+ | `freeze` | freeze_window, global_freeze |
1398
+ | `overrides` | service_override |
1399
+ | `settings` | setting |
1400
+ | `visualizations` | visual_timeline, visual_stage_flow, visual_health_dashboard, visual_pie_chart, visual_bar_chart, visual_timeseries, visual_architecture |
1401
+
1318
1402
 
1319
1403
  ## Architecture
1320
1404
 
@@ -1347,15 +1431,10 @@ Available toolset names:
1347
1431
  ### How It Works
1348
1432
 
1349
1433
  1. **Tools** are generic verbs: `harness_list`, `harness_get`, etc. They accept a `resource_type` parameter that routes to the correct API endpoint.
1350
-
1351
1434
  2. **The Registry** maps each `resource_type` to a `ResourceDefinition` — a declarative data structure specifying the HTTP method, URL path, path/query parameter mappings, and response extraction logic.
1352
-
1353
1435
  3. **Dispatch** resolves the resource definition, builds the HTTP request (path substitution, query params, scope injection), calls the Harness API through `HarnessClient`, and extracts the relevant response data.
1354
-
1355
1436
  4. **Toolset filtering** (`HARNESS_TOOLSETS`) controls which resource definitions are loaded into the registry at startup.
1356
-
1357
1437
  5. **Deep links** are automatically appended to responses, providing direct Harness UI URLs for every resource.
1358
-
1359
1438
  6. **Compact mode** strips verbose metadata from list results, keeping only actionable fields (identity, status, type, timestamps, deep links) to minimize token usage.
1360
1439
 
1361
1440
  ### Adding a New Resource Type
@@ -1517,13 +1596,15 @@ Write tools (`harness_create`, `harness_update`, `harness_delete`, `harness_exec
1517
1596
 
1518
1597
  **Client support:**
1519
1598
 
1520
- | Client | Elicitation Support |
1521
- |--------|-------------------|
1522
- | Cursor | Yes |
1523
- | VS Code (Copilot) | Yes |
1524
- | Claude Desktop | Not yet |
1525
- | Windsurf | Not yet |
1526
- | MCP Inspector | Yes |
1599
+
1600
+ | Client | Elicitation Support |
1601
+ | ----------------- | ------------------- |
1602
+ | Cursor | Yes |
1603
+ | VS Code (Copilot) | Yes |
1604
+ | Claude Desktop | Not yet |
1605
+ | Windsurf | Not yet |
1606
+ | MCP Inspector | Yes |
1607
+
1527
1608
 
1528
1609
  Elicitation behavior varies by operation severity when client support is missing:
1529
1610
  For clients that don't support elicitation:
@@ -1568,7 +1649,6 @@ When enabled, **all** write and delete operations proceed without user confirmat
1568
1649
  - **CORS restricted to same-origin.** The HTTP transport only allows same-origin requests, preventing CSRF attacks from malicious websites targeting the MCP server on localhost.
1569
1650
  - **HTTP rate limiting.** The HTTP transport enforces 60 requests per minute per IP to prevent request flooding.
1570
1651
  - **API rate limiting.** The Harness API client enforces a 10 requests/second limit to avoid hitting upstream rate limits.
1571
-
1572
1652
  - **Pagination bounds enforced.** List queries are capped at 10,000 items total and 100 per page to prevent memory exhaustion.
1573
1653
  - **Retries with backoff.** Transient failures (HTTP 429, 5xx) are retried with exponential backoff and jitter.
1574
1654
  - **Localhost binding.** The HTTP transport binds to `127.0.0.1` by default — not accessible from the network.
@@ -1580,24 +1660,26 @@ The Harness MCP server pairs well with **[Harness Skills](https://github.com/har
1580
1660
 
1581
1661
  ## Troubleshooting & Common Pitfalls
1582
1662
 
1583
- | Symptom | Likely Cause | What to Do |
1584
- |---------|--------------|------------|
1585
- | `HARNESS_ACCOUNT_ID is required when the API key is not a PAT...` | API key is not in PAT format (`pat.<accountId>.<tokenId>.<secret>`) so account ID cannot be inferred | Set `HARNESS_ACCOUNT_ID` explicitly |
1586
- | `Unknown transport: "..."` on startup | Unsupported CLI transport arg | Use `stdio` or `http` only |
1587
- | `Invalid HARNESS_TOOLSETS: ...` on startup | One or more toolset names are not recognized | Use only names from [Toolset Filtering](#toolset-filtering) (exact match) |
1588
- | HTTP `mcp-session-id header is required...` | A session request was sent without session header | Send `initialize` first, then include `mcp-session-id` on `POST/GET/DELETE /mcp` |
1589
- | HTTP `Session not found...` | Session expired (30 min idle TTL) or already closed | Re-run `initialize` to create a new session, then retry with new header |
1590
- | HTTP `405 Method Not Allowed` on `/mcp` | Unsupported method for MCP endpoint | Use `POST`, `GET`, `DELETE`, or `OPTIONS` only |
1591
- | HTTP `Invalid request` | Invalid JSON body or request body exceeded `HARNESS_MAX_BODY_SIZE_MB` | Validate JSON payload size/shape; increase `HARNESS_MAX_BODY_SIZE_MB` if needed |
1592
- | `Unknown resource_type "..."` from tools | Resource type is misspelled or filtered out via `HARNESS_TOOLSETS` | Call `harness_describe` (with optional `search_term`) to discover valid types |
1593
- | `Missing required field "... for path parameter ..."` | A project/org scoped call is missing identifiers | Set `HARNESS_ORG`/`HARNESS_PROJECT` or pass `org_id`/`project_id` per tool call |
1594
- | `Read-only mode is enabled ... operations are not allowed` | `HARNESS_READ_ONLY=true` blocks create/update/delete/execute | Set `HARNESS_READ_ONLY=false` if write operations are intended |
1595
- | Pipeline run fails pre-flight with unresolved required inputs | Provided `inputs` did not cover required runtime placeholders | Fetch `runtime_input_template`, supply missing simple keys, or use `input_set_ids` for structural inputs |
1596
- | Pipeline CI shorthand (`branch`, `tag`, `pr_number`, `commit_sha`) did not apply | `inputs.build` was already provided, so shorthand expansion was intentionally skipped | Remove `inputs.build` to use shorthand expansion, or keep full explicit `build` structure |
1597
- | `Operation declined by user` | User declined the elicitation confirmation dialog | The user chose not to proceed verify the operation details and retry if intended |
1598
- | `body.template_yaml (or body.yaml) is required` for template create/update | Template APIs expect full YAML payload | Provide full `template_yaml` string in `body`; for deletes, pass `version_label` to delete one version (omit to delete all versions) |
1599
- | `HARNESS_BASE_URL must use HTTPS` on startup | `HARNESS_BASE_URL` is set to an HTTP URL | Use HTTPS, or set `HARNESS_ALLOW_HTTP=true` for local development |
1663
+
1664
+ | Symptom | Likely Cause | What to Do |
1665
+ | -------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------ |
1666
+ | `HARNESS_ACCOUNT_ID is required when the API key is not a PAT...` | API key is not in PAT format (`pat.<accountId>.<tokenId>.<secret>`) so account ID cannot be inferred | Set `HARNESS_ACCOUNT_ID` explicitly |
1667
+ | `Unknown transport: "..."` on startup | Unsupported CLI transport arg | Use `stdio` or `http` only |
1668
+ | `Invalid HARNESS_TOOLSETS: ...` on startup | One or more toolset names are not recognized | Use only names from [Toolset Filtering](#toolset-filtering) (exact match) |
1669
+ | HTTP `mcp-session-id header is required...` | A session request was sent without session header | Send `initialize` first, then include `mcp-session-id` on `POST/GET/DELETE /mcp` |
1670
+ | HTTP `Session not found...` | Session expired (30 min idle TTL) or already closed | Re-run `initialize` to create a new session, then retry with new header |
1671
+ | HTTP `405 Method Not Allowed` on `/mcp` | Unsupported method for MCP endpoint | Use `POST`, `GET`, `DELETE`, or `OPTIONS` only |
1672
+ | HTTP `Invalid request` | Invalid JSON body or request body exceeded `HARNESS_MAX_BODY_SIZE_MB` | Validate JSON payload size/shape; increase `HARNESS_MAX_BODY_SIZE_MB` if needed |
1673
+ | `Unknown resource_type "..."` from tools | Resource type is misspelled or filtered out via `HARNESS_TOOLSETS` | Call `harness_describe` (with optional `search_term`) to discover valid types |
1674
+ | `Missing required field "... for path parameter ..."` | A project/org scoped call is missing identifiers | Set `HARNESS_ORG`/`HARNESS_PROJECT` or pass `org_id`/`project_id` per tool call |
1675
+ | `Read-only mode is enabled ... operations are not allowed` | `HARNESS_READ_ONLY=true` blocks create/update/delete/execute | Set `HARNESS_READ_ONLY=false` if write operations are intended |
1676
+ | Pipeline run fails pre-flight with unresolved required inputs | Provided `inputs` did not cover required runtime placeholders | Fetch `runtime_input_template`, supply missing simple keys, or use `input_set_ids` for structural inputs |
1677
+ | Pipeline CI shorthand (`branch`, `tag`, `pr_number`, `commit_sha`) did not apply | `inputs.build` was already provided, so shorthand expansion was intentionally skipped | Remove `inputs.build` to use shorthand expansion, or keep full explicit `build` structure |
1678
+ | `Operation declined by user` | User declined the elicitation confirmation dialog | The user chose not to proceed verify the operation details and retry if intended |
1679
+ | `body.template_yaml (or body.yaml) is required` for template create/update | Template APIs expect full YAML payload | Provide full `template_yaml` string in `body`; for deletes, pass `version_label` to delete one version (omit to delete all versions) |
1680
+ | `HARNESS_BASE_URL must use HTTPS` on startup | `HARNESS_BASE_URL` is set to an HTTP URL | Use HTTPS, or set `HARNESS_ALLOW_HTTP=true` for local development |
1681
+
1600
1682
 
1601
1683
  ## License
1602
1684
 
1603
- MIT
1685
+ MIT