Skip to main content

Delegate image types

Harness packages and distributes delegates on different types of images. Delegate images are identified by the delegate name. Image types are distinguished by tag.

Image typeImage tagImage description
DELEGATEyy.mm.xxxxxThe release year, month, and version in dot-separated format. Supported on both NextGen and FirstGen Harness Platform.
DELEGATE-MINIMALyy.mm.xxxxx.minimalThe minimal tag is appended to the release year, month, and version in dot-separated format. Supported on both NextGen and FirstGen Harness Platform.
DELEGATE-LEGACYlatestDelegate that auto upgrades with no flexibility to turn off auto upgrade (DEPRECATED)

Image type comparison

Harness gives you the option to select delegate images with or without third-party client tools. The use of a delegate packaged with third-party binaries speeds the construction of a CD pipeline; Harness CI and STO do not make use of these libraries. The inclusion of third-party binaries, however, increases attack vectors. Consider security as well as ease of use, in your choice of delegate images.

Harness rigorously scans delegate images for vulnerabilities. Harness cannot, however, guarantee the elimination of CVEs from delegate images that include third-party client tools. The vulnerabilities that third-party client tools introduce in delegate images cannot be eliminated until the vulnerabilities are repaired in the third-party tools.

The following table differentiates between delegate images based on key features and recommended use. For those images distributed with auto-upgrade enabled, Harness recommends accepting the auto-upgrade setting.

Third-party client toolsMinimum CVEsAuto-upgrade enabledDisable auto-upgradeNotes
DELEGATE

Base image: RedHat Universal Base Image (redhat/ubi8)
Recommended use: Quick deployment of a pipeline
xInstalled as a Kubernetes Deployment resource.

Renamed from "immutable delegate."
DELEGATE-MINIMAL

Recommended use: To minimize attack vectors, in the enterprise, or when you want to select and install different tools at build time or runtime
xx
DELEGATE-LEGACY

Deprecated: Not recommended for use in new Harness accounts
xx

Third-party tools included in the DELEGATE image type

Third-party tool/SDK78101 and earlier78306 and later
kubectl1.13.2, 1.19.21.24.3
go-template0.4, 0.4.10.4.1
harness-pywinrm0.4-dev0.4-dev
helm2.13.1, 3.1.2, 3.8.02.13.1, 3.1.2, 3.8.0
chartmuseum0.8.2, 0.12.00.15.0
tf-config-inspect1.0, 1.11.1
oc4.2.164.2.16
kustomize3.5.4, 4.0.04.5.4
gitNA2.31.1
scmThe Harness-generated library and version are changed with every fix.The Harness-generated library and version are changed with every fix.

Docker pull commands

The following table provides instructions for retrieval of delegate images.

DelegateDocker command
DELEGATEdocker pull harness/delegate: <yy.mm.xxxxx>
DELEGATE-MINIMALdocker pull harness/delegate: <yy.mm.xxxxx>.minimal