Harbor is the CNCF graduated container registry for enterprises. It provides vulnerability scanning, RBAC, image replication, and artifact management — all self-hosted.
Free, open source. A production-grade alternative to Docker Hub or ECR.
Why Use Harbor?
- Self-hosted — full control over your container images
- Vulnerability scanning — Trivy integration scans every image
- RBAC — project-level access control
- Image replication — sync between registries across regions
- Artifact management — Helm charts, OCI artifacts, not just Docker images
- Quota management — control storage per project
Quick Setup
1. Install
# Download and install
wget https://github.com/goharbor/harbor/releases/download/v2.11.0/harbor-online-installer-v2.11.0.tgz
tar xzf harbor-online-installer-v2.11.0.tgz
cd harbor
# Configure
cp harbor.yml.tmpl harbor.yml
# Edit harbor.yml — set hostname, password, etc.
./install.sh --with-trivy
# Harbor runs on port 80/443
2. Push an Image
# Login
docker login harbor.example.com -u admin -p Harbor12345
# Tag and push
docker tag my-app:latest harbor.example.com/my-project/my-app:v1.0
docker push harbor.example.com/my-project/my-app:v1.0
3. API — List Projects
HARBOR="https://harbor.example.com"
AUTH="admin:Harbor12345"
curl -s -u $AUTH "$HARBOR/api/v2.0/projects" | jq '.[] | {name: .name, repo_count: .repo_count, public: .metadata.public}'
4. List Repositories & Tags
# Repositories in a project
curl -s -u $AUTH "$HARBOR/api/v2.0/projects/my-project/repositories" | jq '.[] | {name: .name, artifact_count: .artifact_count, pull_count: .pull_count}'
# Artifacts (tags) for a repository
curl -s -u $AUTH "$HARBOR/api/v2.0/projects/my-project/repositories/my-app/artifacts" | jq '.[] | {digest: .digest[:16], tags: [.tags[]?.name], size_mb: (.size/1048576 | floor), vulnerabilities: .scan_overview}'
5. Scan for Vulnerabilities
# Trigger scan
curl -s -X POST -u $AUTH "$HARBOR/api/v2.0/projects/my-project/repositories/my-app/artifacts/v1.0/scan"
# Get scan results
curl -s -u $AUTH "$HARBOR/api/v2.0/projects/my-project/repositories/my-app/artifacts/v1.0?with_scan_overview=true" | jq '.scan_overview'
6. Image Replication
# Create replication policy
curl -s -X POST -u $AUTH "$HARBOR/api/v2.0/replication/policies" \
-H "Content-Type: application/json" \
-d '{
"name": "replicate-to-dr",
"src_registry": {"id": 0},
"dest_registry": {"id": 1},
"filters": [{"type": "name", "value": "my-project/**"}],
"trigger": {"type": "event_based"}
}'
Python Example
import requests
HARBOR = "https://harbor.example.com"
auth = ("admin", "Harbor12345")
# List projects
projects = requests.get(f"{HARBOR}/api/v2.0/projects", auth=auth).json()
for p in projects:
print(f"Project: {p['name']} | Repos: {p['repo_count']}")
# List images in project
repos = requests.get(f"{HARBOR}/api/v2.0/projects/my-project/repositories", auth=auth).json()
for r in repos:
print(f" Image: {r['name']} | Pulls: {r['pull_count']} | Artifacts: {r['artifact_count']}")
Key Endpoints
| Endpoint | Description |
|---|---|
| /api/v2.0/projects | Manage projects |
| /api/v2.0/projects/{name}/repositories | List repos |
| /api/v2.0/.../artifacts | List/manage artifacts |
| /api/v2.0/.../artifacts/{ref}/scan | Trigger vulnerability scan |
| /api/v2.0/replication/policies | Replication policies |
| /api/v2.0/users | User management |
| /api/v2.0/systeminfo | System information |
| /api/v2.0/health | Health check |
Need custom data extraction or scraping solution? I build production-grade scrapers for any website. Email: Spinov001@gmail.com | My Apify Actors
Top comments (0)