Harness Key Concepts

Built-in App Tour Guide

AWS AMI Quickstart

AWS CodeDeploy Quickstart

AWS ECS Quickstart

AWS Lambda Quickstart

Helm Quickstart

IIS (.NET) Quickstart

Kubernetes Quickstart

Pivotal Cloud Foundry Quickstart

Tour Harness Manager

Supported Platforms and Technologies

Checklist Builder

Delegate Installation and Management

Delegate Connection Requirements

Delegate Server Requirements

Common Delegate Profile Scripts

Approve or Reject Harness Delegates

Using the Helm Delegate

Target Delegates to Specific Namespaces

Automate Harness Kubernetes Delegate Setup

Connectors Overview

Add Cloud Providers

Add Artifact Servers

Add Azure DevOps Artifact Servers

Add Jenkins Artifact Servers

Add Bamboo Artifact Servers

Add Docker Registry Artifact Servers

Add Nexus Artifact Servers

Add Artifactory Servers

Add Samba Server Artifact Servers

Add SFTP Artifact Servers

Add Helm Repository Artifact Servers

Add Source Repo Providers

Add a GitHub Repo

Add a Bitbucket Repo

Add a GitLab Repo

Add a CodeCommit Repo

Add Collaboration Providers

Add SMTP Collaboration Provider

Add Jira Collaboration Provider

Add ServiceNow Collaboration Provider

Add Verification Providers

Manage User Notifications

Send Slack Messages from Workflows

Manage Alert Notifications

Harness Editions

Migrating to Harness Community

Add Application Stacks

Use Templates

Use Expressions in Workflow and Pipeline Tags

Assign Metadata Using Tags

Apply Filters Using Tags

Manage Tags

Deployments Overview

AMI Deployments Overview

AMI Basic Deployment

AMI Canary Deployment

AMI Blue/Green Deployment

AMI Spotinst Elastigroup Deployment

ECS Deployments Overview

1 - Harness ECS Delegate

2 - ECS Connectors and Providers Setup

3 - ECS Services

4 - ECS Environments

5 - ECS Workflows

6 - ECS Blue/Green Workflows

7 - ECS Setup in YAML

8 - ECS Troubleshooting

Deploy Multiple ECS Sidecar Containers

Lambda Deployment Overview

1 - Delegate and Connectors for Lambda

2 - Services for Lambda

3 - Lambda Environments

4 - Lambda Workflows and Deployments

5 - Verifications and Troubleshooting

Build and Deploy Pipelines Overview

1 - Harness Account Setup

2 - Service and Artifact Source

3 - Build Workflow

4 - Environment

5 - Deploy Workflow

6 - Artifact Build and Deploy Pipelines

7 - Triggers

Azure Deployments Overview

1 - Harness Account Setup for Azure

2 - Service and Azure Artifact Source

3 - Azure Environment

4 - Azure Workflows and Deployments

5 - Azure Troubleshooting

Helm Deployment Guide Overview

1 - Delegate, Providers, and Helm Setup

2 - Helm Services

3 - Helm Environments

4 - Helm Workflows and Deployments

5 - Helm Troubleshooting

Upgrade Native Helm 2 Deployments to Helm 3

IIS (.NET) Deployment Overview

1 - Delegate and Connectors for IIS

2 - Services for IIS (.NET)

3 - IIS Environments in AWS and Azure

4 - IIS Workflows and Pipelines

5 - Best Practices and Troubleshooting

Kubernetes How-tos

Connect to Your Target Kubernetes Platform

Add Container Images for Kubernetes Deployments

Pull an Image from a Private Registry for Kubernetes

Define Kubernetes Manifests

Use Go Templating in Kubernetes Manifests

Adding and Editing Inline Kubernetes Manifest Files

Upload Kubernetes Resource Files

Use a Helm Repository with Kubernetes

Link Resource Files or Helm Charts in Git Repos

Using Harness Config Variables in Manifests

Use Harness Config Files in Manifests

Override Remote Values YAML Files

Override Harness Kubernetes Service Settings

Define Your Kubernetes Target Infrastructure

Provision Kubernetes Infrastructures

Create a Kubernetes Canary Deployment

Create a Kubernetes Rolling Deployment

Create a Kubernetes Blue/Green Deployment

Kubernetes Workflow Variable Expressions

Create Kubernetes Namespaces based on InfraMapping

Create Kubernetes Namespaces with Workflow Variables

Set Up Kubernetes Traffic Splitting

Deploy Manifests Separately using Apply Step

Use Kustomize for Kubernetes Deployments

Ignore a Manifest File During Deployment

Set up Kubernetes Ingress Rules

Scale Kubernetes Pods

Delete Kubernetes Resources

Traffic Splitting Without Istio

Kubernetes Versioning and Annotations

Upgrade to Helm 3 Charts in Kubernetes Services

Using OpenShift with Harness Kubernetes

Harness Kubernetes V2 Changes

Use Helm Chart Hooks in Kubernetes Deployments

Run Kubernetes Jobs

Pivotal Cloud Foundry Deployments

1 - Delegate and Connectors for PCF

2 - Services for PCF

3 - PCF Environments

4 - PCF Workflows and Deployments

Using CLI Plugins in Harness PCF Deployments

Traditional Deployments Overview

1 - Delegate, Providers, and Connectors Setup

2 - Services for App Packages

3 - App Stacks and Default Variables

4 - Commands and Scripts

5 - Environments for Traditional Deployments

6 - Traditional Workflows and Deployments

Create an Application

Add a Service

Use Script Based Services

Add Service Config Variables

Add Service Config Files

Using Custom Artifact Sources

Service Types and Artifact Sources

Add a Docker Artifact Source

Add an Azure DevOps Artifact Source

Add Environment

Add an Infrastructure Definition

Migrating from Service Infrastructures to Infrastructure Definitions

Service Infrastructures

Override a Service Configuration in an Environment

Workflows

Add a Workflow

Deploy Individual Workflows

Verify Workflow

Add a Workflow Notification Strategy

Define Workflow Failure Strategy

Set Workflow Variables

Use Steps for Different Workflow Tasks

Add Phases to a Workflow

Synchronize Workflows in your Pipeline Using Barriers

Templatize a Workflow

Clone a Workflow

Configure Workflows Using YAML

Using the HTTP Command

Using the Shell Script Step

Using the Jenkins Command

Jira Integration

ServiceNow Integration

Passing Variables into Workflows and Pipelines from Triggers

Resource Restrictions

Workflow Queuing

Target Specific Hosts During Deployment

Using the Terraform Apply Command

Skip Workflow Steps

Rollback Production Deployments

Select Nodes in a Rolling Deployment Workflow

Workflow Steps UI Changes

Integrate Tests into Harness Workflows

Pipelines

Resume Pipeline Deployments

Create Pipeline Templates

Pipeline Skip Conditions

Terraform How-tos

Set Up Your Harness Account for Terraform

Add Terraform Scripts

Map Terraform Infrastructure

Provision using the Terraform Provisioner Step

Perform a Terraform Dry Run

Remove Provisioned Infra with Terraform Destroy

Use Terraform Outputs in Workflow Steps

CloudFormation Provisioner

Shell Script Provisioner

Infrastructure Provisioners Overview

Triggers

Harness UI Approvals

Using Variables in Workflow Approvals

ServiceNow Approvals

Custom Shell Script Approvals

Jira Approvals

Harness GitOps

Onboard Teams Using GitOps

Set Up 24/7 Service Guard

Apply Custom Thresholds to 24/7 Service Guard

Add AppDynamics as a Verification Provider

Monitor Applications 24/7 with AppDynamics

Verify Deployments with AppDynamics

Templatize AppDynamics Verification

Set AppDynamics Environment Variables

Connect to Bugsnag

Monitor Applications 24/7 with Bugsnag

Verify Deployments with Bugsnag

Connect to CloudWatch

Monitor Applications 24/7 with CloudWatch

Verify Deployments with CloudWatch

Connect to Datadog

Monitor Applications 24/7 with Datadog Logging

Monitor Applications 24/7 with Datadog Metrics

Verify Deployments with Datadog Logging

Verify Deployments with Datadog Metrics

Connect to Dynatrace

Monitor Applications 24/7 with Dynatrace

Verify Deployments with Dynatrace

Connect to Elasticsearch (ELK)

Monitor Applications 24/7 with Elasticsearch

Verify Deployments with Elasticsearch

Troubleshoot Verification with Elasticsearch

Connect to Logz.io

Verify Deployments with Logz.io

New Relic Verification Overview

1 - New Relic Connection Setup

2 - 24/7 Service Guard for New Relic

3 - New Relic Deployment Marker

4 - Verify Deployments with New Relic

5 - Troubleshooting New Relic

Connect to Prometheus

Monitor Applications 24/7 with Prometheus

Verify Deployments with Prometheus

Connect to Splunk

Monitor Applications 24/7 with Splunk

Verify Deployments with Splunk

Connect to Stackdriver

Monitor Applications 24/7 with Stackdriver Logging

Monitor Applications 24/7 with Stackdriver Metrics

Verify Deployments with Stackdriver Logging

Verify Deployments with Stackdriver Metrics

Sumo Logic Verification Overview

1 - Sumo Logic Connection Setup

2 - 24/7 Service Guard for Sumo Logic

3 - Verify Deployments with Sumo Logic

Instana Verification Overview

1 – Instana Connection Setup

2 – 24/7 Service Guard for Instana

3 – Verify Deployments with Instana

Custom Verification Overview

1 - Custom Verification Connection Setup

2 - 24/7 Service Guard for Custom Logs

3 - 24/7 Service Guard for Custom Metrics

4 - Verify Deployments with Custom APMs and Logs

5 - Datadog as a Custom APM

6 – AppDynamics as a Custom APM

File Jira Tickets on Verification Events

CV Strategies, Tuning, and Best Practices

Apply Custom Thresholds to Deployment Verification

Harness Verification Feedback Overview

Refine 24/7 Service Guard Verification Analysis

Refine Deployment Verification Analysis

Verification Event Classifications

Secrets Management

Add a Secrets Manager

Add Google KMS as a Harness Secrets Manager

Add an AWS KMS Secrets Manager

Add a HashiCorp Vault Secrets Manager

Azure Key Vault Secrets

Add an AWS Secrets Manager

Add a CyberArk Secrets Manager

Migrate Secrets between Secrets Managers

Reference Existing Secret Manager Secrets

Add SSH Keys

Use SSH Key via Kerberos for Server Authentication

Add WinRM Connection Credentials

Use Encrypted Text Secrets

Use Encrypted File Secrets

Managing Harness Secrets

Restrict Secrets Usage

Use Secrets in a Delegate Profile

Managing Users and Groups (RBAC)

Authentication Settings

SSO Provider Overview

Single Sign-On (SSO) with OAuth 2.0

Single Sign-On (SSO) with LDAP

Single Sign-On (SSO) with SAML

Provisioning Users with Okta (SCIM)

Two-Factor Authentication

Deployment Freeze

IP Whitelist Management

API Keys

Audit Trail

Pipeline Governance

Provision Users with OneLogin (SCIM)

Provision Azure AD Users and Groups (SCIM)

Main and Services Dashboards

Custom Dashboards

Serverless Functions Dashboard

Harness Search

Share a Custom Dashboard

Harness On-Prem Release Notes

On-Prem Overview

Kubernetes Connected On-Prem Setup

Docker Connected On-Prem Setup

Docker Connected On-Prem Monitoring

Docker Connected Start/Stop Scripts

Harness Disconnected On-Prem Setup

OpenShift Connected On-Prem Setup

Connected On-Prem Disaster Recovery Strategy (3 Node Architecture)

Connected On-Prem Backup and Restore Strategy

On-Prem Migration

Harness API

Encrypted Text API

Encrypted Files API

SSH Credentials API

WinRM Credentials API

Trigger Workflows or Pipelines Using GraphQL API

Configuration as Code

Harness YAML Code Reference

Diagnose Git Sync Errors

Variables and Expressions in Harness

JSON and XML Functors

Troubleshooting

Diagnose Issues

Harness Kubernetes v1 FAQ

Deployment Concepts and Strategies

CI/CD with the Build Workflow

Artifact Build and Deploy Pipelines Overview

AWS AMI Deployments Overview

AMI Spotinst Elastigroup Deployments Overview

AWS ECS Deployments Overview

AWS Lambda Deployments Overview

Azure Kubernetes Service (AKS) Deployments Overview

Helm Deployments Overview

IIS (.NET) Deployments Overview

Kubernetes Deployments Overview

Pivotal Deployments Overview

Terraform Provisioning with Harness

CloudFormation Provisioning with Harness

Shell Script Provisioning with Harness

Harness HashiCorp Integrations

What Is Continuous Verification (CV)?

Why Perform Continuous Verification?

When Does Harness Verify Deployments?

How Does Harness Perform Continuous Verification?

Who Are Harness' Verification Providers?

Verification Results Overview

24/7 Service Guard Overview

AppDynamics Verification Overview

Bugsnag Verification Overview

CloudWatch Verification Overview

Datadog Verification Overview

Dynatrace Verification Overview

Elasticsearch Verification Overview

Prometheus Verification Overview

Splunk Verification Overview

Stackdriver Verification Overview

Customer Case Studies

Overview of Harness

Canary Deployment Video

Create an Application and Service Video

Create an Environment Video

Create a Workflow Video

Create a Pipeline Video

Create a Trigger Video

All Categories > How-to Guides > Security > Secrets Management > Use Secrets in a Delegate Profile

Use Secrets in a Delegate Profile

Updated 1 month ago by Chakravarthy Tenneti

Before You Begin
Step 1: Add Encrypted Texts
Step 2: Manage Delegate Profiles

To use Secrets in a Delegate Profile, create encrypted text in Harness Secrets Management for the credentials, and then use variable names for those credentials in the Delegate Profile.

In this topic:

Before You Begin
Step 1: Add Encrypted Texts
Step 2: Manage Delegate Profiles

Before You Begin

See Harness Key Concepts.
See Secrets Management Overview.

Step 1: Add Encrypted Texts

For Delegate Profiles, if you wanted to add a Helm repo that requires login credentials to every Kubernetes pod running a Harness Kubernetes Delegate, you can create encrypted text in Harness Secrets Management for those credentials, and then use variable names for those credentials in the Delegate Profile using the ${secrets.getValue("secret_name")} expression.

For more information about Delegate Profiles, see Delegate Profiles and Common Delegate Profile Scripts.

In Harness, select Continuous Security > Secrets Management.
The Secrets Management page appears.
Under Execution Credentials, click Encrypted Text. The Encrypted Text page appears.
Click Add Encrypted Text. The Add Encrypted Text dialog appears.
In Name, enter repoUsername. This name will be used later in the Delegate Profile script to reference this secret.
In Value, enter any username. The dialog will look like this:

In Usage Scope, click Scope to Account. This will scope the secret to the Account-level. It can then be used in a Delegate Profile.
Click Submit.
Add a second encrypted text with the name repoPassword, using any password. Be sure to set Usage Scope to Scope to Account, also. The dialog will look like this:
Click Submit. Now you can create a Delegate Profile and use these secrets.

Step 2: Manage Delegate Profiles

Click Setup.
Click Harness Delegates.
Click Manage Delegate Profiles, and then Add Delegate Profile.
The Manage Delegate Profile dialog appears.
In Name, enter Helm Repo.
In Startup Script, enter your Helm commands using the secrets you created:

helm init --client-only

helm repo add --username${secrets.getValue(“repoUsername”)}--password${secrets.getValue(“repoPassword”)}nginx https://charts.bitnami.com/bitnami

helm repo update

The secrets are referenced as variables using ${secrets.getValue()} and the names you gave them, repoUsername and repoPassword:

${secrets.getValue(“repoUsername”)}
${secrets.getValue(“repoPassword”)}

The Manage Delegate Profile dialog will look like this:
Click Submit.

Now when you add this profile to a Kubernetes Delegate, it will add the Helm repo using the credentials you added as Encrypted Text in Harness Secrets Management.

A quick way to get the name of a secret is to hover over the secrets in Secrets Management and click the Copy icon:

Use Secrets in a Delegate Profile

Before You Begin

Step 1: Add Encrypted Texts

Step 2: Manage Delegate Profiles

How did we do?

Related Articles Reference Existing Secret Manager Secrets Migrate Secrets between Secrets Managers Secrets Management

Feedback

Related Articles

Reference Existing Secret Manager Secrets

Migrate Secrets between Secrets Managers

Secrets Management