[Infrastructure as Code (IaC) Terraform] Terraform Harbor Examples about using Terraform Harbor Provider to manage projects and users

Posted on Edited on In , Views: Word count in article: 3.8k Reading time ≈ 3 mins.

Terraform Harbor Examples

Harbor is an open source registry that secures artifacts with policies and role-based access control, ensures images are scanned and free from vulnerabilities, and signs images as trusted. Harbor, a CNCF Graduated project, delivers compliance, performance, and interoperability to help you consistently and securely manage artifacts across cloud native compute platforms like Kubernetes and Docker.

Examples about using Terraform Harbor Provider to manage Harbor projects and users.

Prerequsites

Configuration

Terraform Variables

First, Specify values for Harbor Provider variables within terraform.tfvars.

Remember to replace <> with your prefered value.

1
2
3
harbor_url      = "<Your Harbor URL>"
harbor_username = "<Your Harbor User Name>"
harbor_password = "<Your Harbor Password>"

Harbor Provider

Create or edit harbor.tf file.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
# harbor.tf

# Docs overview | BESTSELLER/harbor | Terraform Registry
# https://registry.terraform.io/providers/BESTSELLER/harbor/latest/docs
terraform {
  required_providers {
    harbor = {
      source  = "BESTSELLER/harbor"
      version = "3.1.9"
    }
  }
}

provider "harbor" {
  url      = var.harbor_url
  username = var.harbor_username
  password = var.harbor_password
  insecure = true
  #   api_version = 2
}

Harbor Project

Create or edit harbor_project.tf file.

1
2
3
4
5
6
7
8
9
# harbor_project.tf

# terraform-provider-harbor/project.md at master · BESTSELLER/terraform-provider-harbor
# https://github.com/BESTSELLER/terraform-provider-harbor/blob/master/docs/resources/project.md
resource "harbor_project" "cloudolife" {
  name                   = "cloudolife"
  public                 = false # (Optional) Default value is false
  vulnerability_scanning = true  # (Optional) Default vale is true. Automatically scan images on push 
}

Harbor User

Create or edit harbor_user.tf file.

Remember to replace <> with your prefered value.

1
2
3
4
5
6
7
8
9
10
11
# harbor_user.tf

# harbor_user | Resources | BESTSELLER/harbor | Terraform Registry
# https://registry.terraform.io/providers/BESTSELLER/harbor/latest/docs/resources/user
resource "harbor_user" "cloudolife" {
  username  = "cloudolife"
  password  = "<Your Password>"
  full_name = "CloudoLife"
  email     = "[email protected]"
  admin = true
}

Harbor Project Member User

Create or edit harbor_project_member_user.tf file.

1
2
3
4
5
6
7
8
9
# harbor_project_member_user.tf

# terraform-provider-harbor/project_member_user.md at master · BESTSELLER/terraform-provider-harbor
# https://github.com/BESTSELLER/terraform-provider-harbor/blob/master/docs/resources/project_member_user.md
resource "harbor_project_member_user" "cloudolife" {
  project_id = harbor_project.cloudolife.id
  user_name  = harbor_user.cloudolife.username
  role       = "projectadmin"
}

Run

Terraform Init

1
terraform init

It will download the Terraform Harbor Provider binary.

Terraform apply

1
$ terraform apply

It will dispaly the execute plan and wait for your make yes or no.

Then you will see the Harbor project and user on Harbor Web UI.

Terraform destroy

1
$ terraform destroy

It will destroy all above Harbor resources managed by Terraform.

Reference

[1] BESTSELLER/harbor | Terraform Registry - https://registry.terraform.io/providers/BESTSELLER/harbor/latest

[2] BESTSELLER/terraform-provider-harbor: A terraform provider for Harbor. Used to configure an instance of Harbor. - https://github.com/BESTSELLER/terraform-provider-harbor

[3] Terraform Registry - https://registry.terraform.io/

[4] Terraform by HashiCorp - https://www.terraform.io/

[5] Harbor - https://goharbor.io/