harbor-operator is a Kubernetes operator that manages Harbor registries, projects, users, and members by synchronizing Custom Resources (CRs) with your Harbor instance via its API.
harbor-operator enables declarative management of Harbor resources in your Kubernetes cluster. You can define your Harbor registries, projects, users, and members using CRDs, and the operator will reconcile these definitions by creating or updating the corresponding entities in Harbor.
Important: harbor-operator does not deploy Harbor itself. Harbor is a complex application, and attempting to deploy it via a single operator can quickly become a rabbit hole. Instead, this operator introduces a CRD called HarborConnection that lets you define the connection details (such as the Harbor API base URL and optional default credentials) for an existing Harbor instance. All other Harbor CRDs (e.g., Registry, Project, User, Member) reference a HarborConnection to obtain these details, ensuring that the operator works with your already-deployed Harbor instance.
- Go: v1.23.0+
- Docker: v17.03+
- kubectl: v1.11.3+
- Access to a Kubernetes v1.11.3+ cluster
- Kind (optional): For local development and testing
For local development with Kind, follow these steps:
-
Edit Your Hosts File
Add the following line to your hosts file (e.g.,
/etc/hostson Linux or macOS):127.0.0.1 core.harbor.domain
This entry allows you to resolve Harbor’s ingress locally.
-
Start a Kind Cluster
Run the following command to create a Kind cluster:
make kind-up
This command creates a Kind cluster and deploys Nginx and Harbor (if needed) for local testing.
-
Deploy harbor-operator in Kind
Build a local image and deploy the operator with:
make kind-deploy
This target builds the image for the operator, loads it into the Kind cluster, and deploys it.
-
Apply Sample Custom Resources
To get started with testing the operator, you can apply the sample CRs from the
config/samples/directory:kubectl apply -k config/samples/
This creates sample instances of your HarborConnection, Registry, and other resources.
-
Build and Push the Image
Build and push the operator image to your registry:
make docker-build docker-push IMG=<your-registry>/harbor-operator:tag
-
Install the CRDs
Install the Custom Resource Definitions into your cluster:
make install
-
Deploy the Operator
Deploy harbor-operator to your cluster using the image built above:
make deploy IMG=<your-registry>/harbor-operator:tag
-
Create Instances of Your CRs
Apply the sample CRs (or your custom YAMLs) to create Harbor resources:
kubectl apply -k config/samples/
NOTE: Make sure the sample YAMLs have default values suitable for your environment.
-
Delete Sample Custom Resources
kubectl delete -k config/samples/
-
Uninstall the CRDs
make uninstall
-
Undeploy the Operator
make undeploy
-
Build the Installer
Build an installer that includes all CRDs and deployment manifests:
make build-installer IMG=<your-registry>/harbor-operator:tag
This command generates an
install.yamlfile in thedist/directory. -
Deploy Using the Installer
Users can install harbor-operator by running:
kubectl apply -f https://raw.githubusercontent.com/<org>/harbor-operator/<tag-or-branch>/dist/install.yaml
-
Generate the Helm Chart
Generate a Helm Chart using the Helm plugin:
kubebuilder edit --plugins=helm/v1-alpha
This creates a chart under the
dist/chartdirectory. -
Distribute the Chart
Users can then install harbor-operator using Helm from the generated chart.
NOTE: After making changes to the project, update the Helm Chart by re-running the above command (with the
--forceflag if necessary) to synchronize your changes.
Contributions are welcome! To contribute:
- Fork the repository and create a feature branch.
- Ensure your changes pass all tests and linters (
make fmt,make vet,make lint). - Submit a pull request with detailed descriptions of your changes.
For more detailed guidelines, please refer to the Kubebuilder Documentation.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.