config
config get
Fetch the current Harbor configuration.
Options
--flatten/--no-flatten
Flatten config response to a single level.
Type: boolean (flag)
Default: True
config update
Update the Harbor configuration.
One or more configuration parameters must be provided.
Options
--auth-mode
<AUTH_MODE>
The auth mode of current system, such as "db_auth", "ldap_auth", "oidc_auth"
Type: text
--email-from
<EMAIL_FROM>
Type: text
--email-host
<EMAIL_HOST>
Type: text
--email-identity
<EMAIL_IDENTITY>
Type: text
--email-insecure
<EMAIL_INSECURE>
Type: boolean
--email-password
<EMAIL_PASSWORD>
Type: text
--email-port
<EMAIL_PORT>
Type: integer
--email-ssl
<EMAIL_SSL>
Type: boolean
--email-username
<EMAIL_USERNAME>
Type: text
--ldap-base-dn
<LDAP_BASE_DN>
The Base DN for LDAP binding.
Type: text
--ldap-filter
<LDAP_FILTER>
The filter for LDAP search
Type: text
--ldap-group-base-dn
<LDAP_GROUP_BASE_DN>
The base DN to search LDAP group.
Type: text
--ldap-group-admin-dn
<LDAP_GROUP_ADMIN_DN>
Specify the ldap group which have the same privilege with Harbor admin
Type: text
--ldap-group-attribute-name
<LDAP_GROUP_ATTRIBUTE_NAME>
The attribute which is used as identity of the LDAP group, default is cn.'
Type: text
--ldap-group-search-filter
<LDAP_GROUP_SEARCH_FILTER>
The filter to search the ldap group
Type: text
--ldap-group-search-scope
<LDAP_GROUP_SEARCH_SCOPE>
The scope to search ldap group. ''0-LDAP_SCOPE_BASE, 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE''
Type: integer
--ldap-scope
<LDAP_SCOPE>
The scope to search ldap users,'0-LDAP_SCOPE_BASE, 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE'
Type: integer
--ldap-search-dn
<LDAP_SEARCH_DN>
The DN of the user to do the search.
Type: text
--ldap-search-password
<LDAP_SEARCH_PASSWORD>
The password of the ldap search dn
Type: text
--ldap-timeout
<LDAP_TIMEOUT>
Timeout in seconds for connection to LDAP server
Type: integer
--ldap-uid
<LDAP_UID>
The attribute which is used as identity for the LDAP binding, such as "CN" or "SAMAccountname"
Type: text
--ldap-url
<LDAP_URL>
The URL of LDAP server
Type: text
--ldap-verify-cert
<LDAP_VERIFY_CERT>
Whether verify your OIDC server certificate, disable it if your OIDC server is hosted via self-hosted certificate.
Type: boolean
--ldap-group-membership-attribute
<LDAP_GROUP_MEMBERSHIP_ATTRIBUTE>
The user attribute to identify the group membership
Type: text
--project-creation-restriction
<PROJECT_CREATION_RESTRICTION>
Indicate who can create projects, it could be ''adminonly'' or ''everyone''.
Type: text
--read-only
<READ_ONLY>
The flag to indicate whether Harbor is in readonly mode.
Type: boolean
--self-registration
<SELF_REGISTRATION>
Whether the Harbor instance supports self-registration. If it''s set to false, admin need to add user to the instance.
Type: boolean
--token-expiration
<TOKEN_EXPIRATION>
The expiration time of the token for internal Registry, in minutes.
Type: integer
--uaa-client-id
<UAA_CLIENT_ID>
The client id of UAA
Type: text
--ua
<UAA_CLIENT_SECRET>
The client secret of the UAA
Type: text
--uaa-endpoint
<UAA_ENDPOINT>
The endpoint of the UAA
Type: text
--uaa-verify-cert
<UAA_VERIFY_CERT>
Verify the certificate in UAA server
Type: boolean
--http-authproxy-endpoint
<HTTP_AUTHPROXY_ENDPOINT>
The endpoint of the HTTP auth
Type: text
--http-authproxy-tokenreview-endpoint
<HTTP_AUTHPROXY_TOKENREVIEW_ENDPOINT>
The token review endpoint
Type: text
--http-authproxy-admin-groups
<HTTP_AUTHPROXY_ADMIN_GROUPS>
The group which has the harbor admin privileges
Type: text
--http-authproxy-admin-usernames
<HTTP_AUTHPROXY_ADMIN_USERNAMES>
The username of the user with admin privileges. NOTE: ONLY ACCEPTS A SINGLE USERNAME DESPITE NAMING SCHEME IMPLYING OTHERWISE!
Type: text
--http-authproxy-verify-cert
<HTTP_AUTHPROXY_VERIFY_CERT>
Verify the HTTP auth provider's certificate
Type: boolean
--http-authproxy-skip-search
<HTTP_AUTHPROXY_SKIP_SEARCH>
Search user before onboard
Type: boolean
--http-authproxy-server-certificate
<HTTP_AUTHPROXY_SERVER_CERTIFICATE>
The certificate of the HTTP auth provider
Type: text
--oidc-name
<OIDC_NAME>
The OIDC provider name
Type: text
--oidc-endpoint
<OIDC_ENDPOINT>
The endpoint of the OIDC provider
Type: text
--oidc-client-id
<OIDC_CLIENT_ID>
The client ID of the OIDC provider
Type: text
--oidc-client-secret
<OIDC_CLIENT_SECRET>
The OIDC provider secret
Type: text
--oidc-groups-claim
<OIDC_GROUPS_CLAIM>
The attribute claims the group name
Type: text
--oidc-admin-group
<OIDC_ADMIN_GROUP>
The OIDC group which has the harbor admin privileges
Type: text
--oidc-scope
<OIDC_SCOPE>
The scope of the OIDC provider
Type: text
--oidc-user-claim
<OIDC_USER_CLAIM>
The attribute claims the username
Type: text
--oidc-verify-cert
<OIDC_VERIFY_CERT>
Verify the OIDC provider's certificate'
Type: boolean
--oidc-auto-onboard
<OIDC_AUTO_ONBOARD>
Auto onboard the OIDC user
Type: boolean
--oidc-extra-redirect-parms
<OIDC_EXTRA_REDIRECT_PARMS>
Extra parameters to add when redirect request to OIDC provider. WARNING: 'parms' not 'parAms', due to Harbor spelling parity (blame them).
Type: text
--robot-token-duration
<ROBOT_TOKEN_DURATION>
The robot account token duration in days
Type: integer
--robot-name-prefix
<ROBOT_NAME_PREFIX>
The rebot account name prefix
Type: text
--notifications
<NOTIFICATION_ENABLE>
Enable notification
Type: boolean
--quota-per-project
<QUOTA_PER_PROJECT_ENABLE>
Enable quota per project
Type: boolean
--storage-per-project
<STORAGE_PER_PROJECT>
The storage quota per project
Type: integer
--audit-log-forward-endpoint
<AUDIT_LOG_FORWARD_ENDPOINT>
The audit log forward endpoint
Type: text
--skip-audit-log-database
<SKIP_AUDIT_LOG_DATABASE>
Skip audit log database
Type: boolean