Use Harness Cloud build infrastructure
With Harness Cloud you can run builds in isolation on Harness-hosted VMs that are preconfigured with the tools, packages, and settings commonly used in CI pipelines. Harness hosts, maintains, and upgrades these machines so that you can focus on building software instead of maintaining build infrastructure.
This topic describes how to use Harness-hosted build infrastructure for your Harness CI pipelines, as well as information about machine specifications, special considerations, and additional configuration required for certain use cases.
For more information about the Harness Cloud architecture, go to Get started with Harness Cloud. For a comparison of build infrastructure options, go to Which build infrastructure is right for me?
- You must use Harness Secret Manager to store connector credentials and other secrets.
- All connectors must connect through the Harness Platform, not the delegate.
- AWS connectors can't use IRSA or AssumeRole.
- GCP and Azure connectors can't inherit credentials from the delegate.
Platforms and image specifications
Harness Cloud offers the following operating systems and architectures:
- Linux: amd64 and arm64
- macOS: arm64 (M1)
- Windows: amd64
To enable Windows and macOS for Harness Cloud, contact Harness Support.
Refer to the following image specification README files for more information about image components and preinstalled software.
- Linux amd64 image specifications
- Linux arm64 image specifications
- macOS image specifications
- Windows Server 2019 image specifications
If there are multiple versions of a tool installed, you can specify the version to use in a step's Command.
For example, with the Harness Cloud macOS build infrastructure, you could use the following command in a Run step to select an Xcode version:
sudo xcode-select -switch /Applications/Xcode_14.1.0.app
Install additional tools
If your build requires a tool that isn't already available on the VM, you can use a step to install it directly or run it in a Docker image. There are a variety of steps you can use to do this, such as:
Use the Bitrise plugin step to run Bitrise Integrations in your CI pipelines.
In the following YAML example, an
Action step runs the
actions/setup-java GitHub Action to load Java 17, and then the Run step confirms the Java version.
name: intall java version 17
uses: actions/setup-[email protected]
distribution: 'zulu' # See 'Supported distributions' for available options
name: java version check
JAVA_VER=$(java -version 2>&1 | head -1 | cut -d'"' -f2 | sed '/^1\./s///' | cut -d'.' -f1)
if [[ $JAVA_VER == 17 ]]; then
echo successfully installed $JAVA_VER
The following YAML example demonstrates how a Run step can use a Docker image (specified in
image) to leverage tools available on that image that aren't available on the host image:
name: Print welcome message
platform: // Platform properties describe the target machine required by this stage.
type: Cloud // This build runs on Harness-provided infrastructure.
connectorRef: my_dockerhub // Specify a Docker connector to pull an image from Docker.
image: alpine // If no image is specified, the step runs on the host machine.
command: Echo "Welcome to Harness CI"
Steps running in containers can't communicate with Background steps running on the Harness Cloud build infrastructure, because they do not have a common host.
Use Harness Cloud
You can start using Harness Cloud in minutes.
- Visual editor
- YAML editor
- Go to the pipeline where you want to use Harness Cloud build infrastructure.
- Select the Build stage, and then select the Infrastructure tab.
- Select Harness Cloud and the desired Platform.
- Save and run your pipeline.
To enable Harness Cloud build infrastructure in your pipeline YAML, specify the
runtime in the
stage: spec:. For example:
runtime, you must include
platform, specify the
arch. For a list of supported operating systems and architectures, go to Platforms and image specifications.
Pipeline YAML example
The following YAML example illustrates a basic CI pipeline that uses Harness Cloud build infrastructure:
name: Build sample-app
name: Echo Welcome Message
command: echo "Welcome to Harness CI"
If the host image doesn't have the tools you need for your pipeline, you can install additional tools or run individual steps in their own Docker image. For more information about specifying and installing tools, go to Platforms and image specifications.
Build private repos with Harness Cloud
Whitelisting is only required if your code repository, Docker registry, or Artifactory registry isn't accessible by direct connection over the internet, such as those that are behind firewalls.
You can use Harness Cloud build infrastructure with private repositories. However, if your codebase repository or Docker/Artifactory registry is not publicly accessible, you must whitelist the following IPs in your firewall: