Skip to content

Instantly share code, notes, and snippets.

@rssnyder

rssnyder/hsf.md

Created May 13, 2026 17:22
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save rssnyder/2bc0991ce5f676df3255f2caab326f0b to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save rssnyder/2bc0991ce5f676df3255f2caab326f0b to your computer and use it in GitHub Desktop.
Download ZIP
hsf seller
Raw
hsf.md

Harness Solutions Factory (HSF) — How It Works for Platform Admins

Harness Solutions Factory (HSF) is an automation framework that lets platform engineering teams define, publish, and govern reusable Harness resource bundles — and deliver them to developers through self-service, without requiring any Terraform or platform knowledge on the consumer side.

1. You Define the Templates

Platform admins author Terraform-backed templates that codify opinionated, repeatable configurations — things like a project pre-wired with environments, RBAC roles, user group bindings, pipelines, and connectors. These live in two places:

  • Harness Template Library — Harness-maintained templates reflecting best practices validated by the Center of Excellence, copied locally when HSF is first deployed.
  • Custom Harness Template Library — Your organization's own fork, where you can customize or extend any base template to fit internal standards.

2. You Expose Them as Self-Service Workflows

Workflows are the user-facing entry point to HSF. As a platform admin, you register your templates as IDP Workflows — a simple form-driven UI. A user selects a workflow in IDP, fills out some details, and submits — no direct platform or Terraform knowledge required.

Out-of-the-box examples include:

  • Harness Project Setup — provisions a project with defined name, 3 environments (dev/prod/test), 4 user groups, 2 roles, and 7 user bindings.
  • Deploy Harness CI Golden Standard Templates — jumpstarts CI pipeline creation with a best-practice template that can be customized for different build processes.
  • Deploy Harness SAST & SCA Templates — deploys account-level step group, stage, and pipeline templates for security scanning.

3. The Backend Provisions via IaCM

When a user submits a workflow, here's what happens under the hood:

  1. A "Create and Manage IACM Workspaces" pipeline runs first to set up the workspace.
  2. That pipeline also executes the workspace to actually provision the resources.
  3. Every resource HSF creates is backed by a Terraform workspace in IaCM. Changes go through plan-and-approve cycles, and drift is surfaced in the IDP catalog.

This means every provisioned instance is a live, tracked IaCM workspace — not a one-time script run.

4. You Manage Scale with Mini Factories & Factory Floors

As your footprint grows, HSF gives you two organizational primitives:

  • Mini Factory — brings individual "factory" projects for each organization, so workspaces for a given org are co-located under a specific project rather than piling up in a single central project.
  • Factory Floor — deploys the core HSF pipelines (Provision Workspace, Drift Analysis, Bulk Workspace Management, etc.) directly into a consumer project, enabling a distributed architecture.

5. You Stay in Control Over Time

This is where HSF closes the loop on long-term governance:

  • Drift detection — a scheduled pipeline runs drift analysis, and any detected drift is surfaced directly in the IDP catalog, so you can see which deployed instances have diverged from their template.
  • Managed updates — when Harness releases new versions of HSF templates, a scheduled pipeline creates a pull request in your Custom Template Library. You review and merge on your own timeline — nothing auto-applies.
  • Bulk management — the Bulk Workspace Management pipeline lets admins push changes across many deployed workspaces at once, keeping legacy copies aligned with updated base templates.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment