Importing and validating images in Harbor registry

You can import images into Harbor to preload repositories with commonly used container images.

  1. Update the bootstrap image list.

    Edit the scripts/harbor/bootstrap-images.txt file in the following format:

    source_image target_project target_repository target_tag                    

    For example:

    docker://docker.io/library/nginx:latest devops nginx bootstrap
    docker://docker.io/library/alpine:latest devops alpine bootstrap docker://docker.io/library/busybox:latest devops busybox bootstrap                    
  2. Run the bootstrap script.
    DOMAIN=<DOMAIN> \
    NAMESPACE=devops-loop \
    RELEASE=devops-loop \
    scripts/harbor/bootstrap-images.sh                    
  3. Verify that the imported images are available in Harbor.
  4. Validate image push and pull operations:
    docker login harbor.<DOMAIN>
    docker tag nginx:latest harbor.<DOMAIN>/devops/nginx:test
    docker push harbor.<DOMAIN>/devops/nginx:test
    docker pull harbor.<DOMAIN>/devops/nginx:test
  5. Perform the following steps to verify vulnerability scanning:
    1. Open Harbor.
    2. Navigate to the project that contains the uploaded image.
    3. Enable Automatically scan images on push for the project if it is not already enabled.
    4. Push a container image to the project.
    5. Verify that Harbor displays the vulnerability scan results for the image.

    Harbor scans the image by using Trivy and displays the detected vulnerabilities.

Harbor imports the specified images into the registry. Successful push and pull operations confirm that the registry is functioning correctly. Harbor scans uploaded images by using Trivy and displays the detected vulnerabilities.