Harbor integration overview
Harbor is an integrated capability in DevOps Loop that provides an OCI-compliant container registry, vulnerability scanning, image signing, and image management capabilities.
DevOps Loop and Harbor are installed
together in one installation process. You must set
HARBOR_ENABLED=true parameter in the DevOps Loop installation
configuration.
Harbor capabilities
Harbor provides the following capabilities when it is integrated with DevOps Loop:
- Container image storage and distribution
- Role-based access control
- Vulnerability scanning through Trivy
- OpenID Connect (OIDC) authentication through Keycloak
- Image replication and lifecycle management
- Image bootstrapping support
Architecture
Harbor uses the following services and infrastructure components when it is integrated with DevOps Loop:
- Keycloak for authentication and supplies group claims
- PostgreSQL for metadata storage
- Valkey for caching
- S3-compatible object storage for image artifacts
- Kubernetes persistent storage for Harbor services
Authentication
Harbor uses the same Keycloak realm and single sign-on session as DevOps Loop. You can authenticate through the configured identity provider and can access Harbor without maintaining separate credentials.