harbor.Project
Explore with Pulumi AI
Example Usage
Hosted
resource "harbor_project" "main" {
name = "main"
public = false # (Optional) Default value is false
vulnerability_scanning = true # (Optional) Default value is true. Automatically scan images on push
enable_content_trust = true # (Optional) Default value is false. Deny unsigned images from being pulled (notary)
enable_content_trust_cosign = false # (Optional) Default value is false. Deny unsigned images from being pulled (cosign)
auto_sbom_generation = true # (Optional) Default value is false. Automatically generate SBOMs for images
}
Proxy
resource "harbor_project" "main" {
name = "acctest"
registry_id = harbor_registry.docker.registry_id
}
resource "harbor_registry" "docker" {
provider_name = "docker-hub"
name = "test"
endpoint_url = "https://hub.docker.com"
}
Create Project Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Project(name: string, args?: ProjectArgs, opts?: CustomResourceOptions);
@overload
def Project(resource_name: str,
args: Optional[ProjectArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def Project(resource_name: str,
opts: Optional[ResourceOptions] = None,
auto_sbom_generation: Optional[bool] = None,
cve_allowlists: Optional[Sequence[str]] = None,
deployment_security: Optional[str] = None,
enable_content_trust: Optional[bool] = None,
enable_content_trust_cosign: Optional[bool] = None,
force_destroy: Optional[bool] = None,
name: Optional[str] = None,
public: Optional[bool] = None,
registry_id: Optional[int] = None,
storage_quota: Optional[int] = None,
vulnerability_scanning: Optional[bool] = None)
func NewProject(ctx *Context, name string, args *ProjectArgs, opts ...ResourceOption) (*Project, error)
public Project(string name, ProjectArgs? args = null, CustomResourceOptions? opts = null)
public Project(String name, ProjectArgs args)
public Project(String name, ProjectArgs args, CustomResourceOptions options)
type: harbor:Project
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ProjectArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ProjectArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ProjectArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ProjectArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ProjectArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var projectResource = new Harbor.Project("projectResource", new()
{
AutoSbomGeneration = false,
CveAllowlists = new[]
{
"string",
},
DeploymentSecurity = "string",
EnableContentTrust = false,
EnableContentTrustCosign = false,
ForceDestroy = false,
Name = "string",
Public = false,
RegistryId = 0,
StorageQuota = 0,
VulnerabilityScanning = false,
});
example, err := harbor.NewProject(ctx, "projectResource", &harbor.ProjectArgs{
AutoSbomGeneration: pulumi.Bool(false),
CveAllowlists: pulumi.StringArray{
pulumi.String("string"),
},
DeploymentSecurity: pulumi.String("string"),
EnableContentTrust: pulumi.Bool(false),
EnableContentTrustCosign: pulumi.Bool(false),
ForceDestroy: pulumi.Bool(false),
Name: pulumi.String("string"),
Public: pulumi.Bool(false),
RegistryId: pulumi.Int(0),
StorageQuota: pulumi.Int(0),
VulnerabilityScanning: pulumi.Bool(false),
})
var projectResource = new Project("projectResource", ProjectArgs.builder()
.autoSbomGeneration(false)
.cveAllowlists("string")
.deploymentSecurity("string")
.enableContentTrust(false)
.enableContentTrustCosign(false)
.forceDestroy(false)
.name("string")
.public_(false)
.registryId(0)
.storageQuota(0)
.vulnerabilityScanning(false)
.build());
project_resource = harbor.Project("projectResource",
auto_sbom_generation=False,
cve_allowlists=["string"],
deployment_security="string",
enable_content_trust=False,
enable_content_trust_cosign=False,
force_destroy=False,
name="string",
public=False,
registry_id=0,
storage_quota=0,
vulnerability_scanning=False)
const projectResource = new harbor.Project("projectResource", {
autoSbomGeneration: false,
cveAllowlists: ["string"],
deploymentSecurity: "string",
enableContentTrust: false,
enableContentTrustCosign: false,
forceDestroy: false,
name: "string",
"public": false,
registryId: 0,
storageQuota: 0,
vulnerabilityScanning: false,
});
type: harbor:Project
properties:
autoSbomGeneration: false
cveAllowlists:
- string
deploymentSecurity: string
enableContentTrust: false
enableContentTrustCosign: false
forceDestroy: false
name: string
public: false
registryId: 0
storageQuota: 0
vulnerabilityScanning: false
Project Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Project resource accepts the following input properties:
- Auto
Sbom boolGeneration - Automatically generate SBOM for images pushed to this project. (Default:
false
) can only be used with Harbor version v2.11.0 and above - Cve
Allowlists List<string> - Project allowlist allows vulnerabilities in this list to be ignored in this project when pushing and pulling images. Should be in the format or
["CVE-123", "CVE-145"]
or["CVE-123"]
- Deployment
Security string - Prevent deployment of images with vulnerability severity equal or higher than the specified value. Images must be scanned before this takes effect. Possible values:
"critical"
,"high"
,"medium"
,"low"
,"none"
. (Default:""
- empty) - Enable
Content boolTrust - Enables Content Trust for project. When enabled it queries the embedded docker notary server. (Default:
false
). - Enable
Content boolTrust Cosign - Enables Content Trust Cosign for project. When enabled it queries Cosign. (Default:
false
) - Force
Destroy bool - A boolean that indicates all repositories should be deleted from the project so that the project can be destroyed without error. These repositories are not recoverable.
- Name string
- The name of the project that will be created in harbor.
- Public bool
- The project will be public accessibility.(Default:
false
) - Registry
Id int - To enable project as Proxy Cache.
- Storage
Quota int - The storage quota of the project in GB's.
- Vulnerability
Scanning bool - Images will be scanned for vulnerabilities when push to harbor. (Default:
true
)
- Auto
Sbom boolGeneration - Automatically generate SBOM for images pushed to this project. (Default:
false
) can only be used with Harbor version v2.11.0 and above - Cve
Allowlists []string - Project allowlist allows vulnerabilities in this list to be ignored in this project when pushing and pulling images. Should be in the format or
["CVE-123", "CVE-145"]
or["CVE-123"]
- Deployment
Security string - Prevent deployment of images with vulnerability severity equal or higher than the specified value. Images must be scanned before this takes effect. Possible values:
"critical"
,"high"
,"medium"
,"low"
,"none"
. (Default:""
- empty) - Enable
Content boolTrust - Enables Content Trust for project. When enabled it queries the embedded docker notary server. (Default:
false
). - Enable
Content boolTrust Cosign - Enables Content Trust Cosign for project. When enabled it queries Cosign. (Default:
false
) - Force
Destroy bool - A boolean that indicates all repositories should be deleted from the project so that the project can be destroyed without error. These repositories are not recoverable.
- Name string
- The name of the project that will be created in harbor.
- Public bool
- The project will be public accessibility.(Default:
false
) - Registry
Id int - To enable project as Proxy Cache.
- Storage
Quota int - The storage quota of the project in GB's.
- Vulnerability
Scanning bool - Images will be scanned for vulnerabilities when push to harbor. (Default:
true
)
- auto
Sbom BooleanGeneration - Automatically generate SBOM for images pushed to this project. (Default:
false
) can only be used with Harbor version v2.11.0 and above - cve
Allowlists List<String> - Project allowlist allows vulnerabilities in this list to be ignored in this project when pushing and pulling images. Should be in the format or
["CVE-123", "CVE-145"]
or["CVE-123"]
- deployment
Security String - Prevent deployment of images with vulnerability severity equal or higher than the specified value. Images must be scanned before this takes effect. Possible values:
"critical"
,"high"
,"medium"
,"low"
,"none"
. (Default:""
- empty) - enable
Content BooleanTrust - Enables Content Trust for project. When enabled it queries the embedded docker notary server. (Default:
false
). - enable
Content BooleanTrust Cosign - Enables Content Trust Cosign for project. When enabled it queries Cosign. (Default:
false
) - force
Destroy Boolean - A boolean that indicates all repositories should be deleted from the project so that the project can be destroyed without error. These repositories are not recoverable.
- name String
- The name of the project that will be created in harbor.
- public_ Boolean
- The project will be public accessibility.(Default:
false
) - registry
Id Integer - To enable project as Proxy Cache.
- storage
Quota Integer - The storage quota of the project in GB's.
- vulnerability
Scanning Boolean - Images will be scanned for vulnerabilities when push to harbor. (Default:
true
)
- auto
Sbom booleanGeneration - Automatically generate SBOM for images pushed to this project. (Default:
false
) can only be used with Harbor version v2.11.0 and above - cve
Allowlists string[] - Project allowlist allows vulnerabilities in this list to be ignored in this project when pushing and pulling images. Should be in the format or
["CVE-123", "CVE-145"]
or["CVE-123"]
- deployment
Security string - Prevent deployment of images with vulnerability severity equal or higher than the specified value. Images must be scanned before this takes effect. Possible values:
"critical"
,"high"
,"medium"
,"low"
,"none"
. (Default:""
- empty) - enable
Content booleanTrust - Enables Content Trust for project. When enabled it queries the embedded docker notary server. (Default:
false
). - enable
Content booleanTrust Cosign - Enables Content Trust Cosign for project. When enabled it queries Cosign. (Default:
false
) - force
Destroy boolean - A boolean that indicates all repositories should be deleted from the project so that the project can be destroyed without error. These repositories are not recoverable.
- name string
- The name of the project that will be created in harbor.
- public boolean
- The project will be public accessibility.(Default:
false
) - registry
Id number - To enable project as Proxy Cache.
- storage
Quota number - The storage quota of the project in GB's.
- vulnerability
Scanning boolean - Images will be scanned for vulnerabilities when push to harbor. (Default:
true
)
- auto_
sbom_ boolgeneration - Automatically generate SBOM for images pushed to this project. (Default:
false
) can only be used with Harbor version v2.11.0 and above - cve_
allowlists Sequence[str] - Project allowlist allows vulnerabilities in this list to be ignored in this project when pushing and pulling images. Should be in the format or
["CVE-123", "CVE-145"]
or["CVE-123"]
- deployment_
security str - Prevent deployment of images with vulnerability severity equal or higher than the specified value. Images must be scanned before this takes effect. Possible values:
"critical"
,"high"
,"medium"
,"low"
,"none"
. (Default:""
- empty) - enable_
content_ booltrust - Enables Content Trust for project. When enabled it queries the embedded docker notary server. (Default:
false
). - enable_
content_ booltrust_ cosign - Enables Content Trust Cosign for project. When enabled it queries Cosign. (Default:
false
) - force_
destroy bool - A boolean that indicates all repositories should be deleted from the project so that the project can be destroyed without error. These repositories are not recoverable.
- name str
- The name of the project that will be created in harbor.
- public bool
- The project will be public accessibility.(Default:
false
) - registry_
id int - To enable project as Proxy Cache.
- storage_
quota int - The storage quota of the project in GB's.
- vulnerability_
scanning bool - Images will be scanned for vulnerabilities when push to harbor. (Default:
true
)
- auto
Sbom BooleanGeneration - Automatically generate SBOM for images pushed to this project. (Default:
false
) can only be used with Harbor version v2.11.0 and above - cve
Allowlists List<String> - Project allowlist allows vulnerabilities in this list to be ignored in this project when pushing and pulling images. Should be in the format or
["CVE-123", "CVE-145"]
or["CVE-123"]
- deployment
Security String - Prevent deployment of images with vulnerability severity equal or higher than the specified value. Images must be scanned before this takes effect. Possible values:
"critical"
,"high"
,"medium"
,"low"
,"none"
. (Default:""
- empty) - enable
Content BooleanTrust - Enables Content Trust for project. When enabled it queries the embedded docker notary server. (Default:
false
). - enable
Content BooleanTrust Cosign - Enables Content Trust Cosign for project. When enabled it queries Cosign. (Default:
false
) - force
Destroy Boolean - A boolean that indicates all repositories should be deleted from the project so that the project can be destroyed without error. These repositories are not recoverable.
- name String
- The name of the project that will be created in harbor.
- public Boolean
- The project will be public accessibility.(Default:
false
) - registry
Id Number - To enable project as Proxy Cache.
- storage
Quota Number - The storage quota of the project in GB's.
- vulnerability
Scanning Boolean - Images will be scanned for vulnerabilities when push to harbor. (Default:
true
)
Outputs
All input properties are implicitly available as output properties. Additionally, the Project resource produces the following output properties:
- id str
- The provider-assigned unique ID for this managed resource.
- project_
id int - The project id of this resource.
Look up Existing Project Resource
Get an existing Project resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ProjectState, opts?: CustomResourceOptions): Project
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
auto_sbom_generation: Optional[bool] = None,
cve_allowlists: Optional[Sequence[str]] = None,
deployment_security: Optional[str] = None,
enable_content_trust: Optional[bool] = None,
enable_content_trust_cosign: Optional[bool] = None,
force_destroy: Optional[bool] = None,
name: Optional[str] = None,
project_id: Optional[int] = None,
public: Optional[bool] = None,
registry_id: Optional[int] = None,
storage_quota: Optional[int] = None,
vulnerability_scanning: Optional[bool] = None) -> Project
func GetProject(ctx *Context, name string, id IDInput, state *ProjectState, opts ...ResourceOption) (*Project, error)
public static Project Get(string name, Input<string> id, ProjectState? state, CustomResourceOptions? opts = null)
public static Project get(String name, Output<String> id, ProjectState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Auto
Sbom boolGeneration - Automatically generate SBOM for images pushed to this project. (Default:
false
) can only be used with Harbor version v2.11.0 and above - Cve
Allowlists List<string> - Project allowlist allows vulnerabilities in this list to be ignored in this project when pushing and pulling images. Should be in the format or
["CVE-123", "CVE-145"]
or["CVE-123"]
- Deployment
Security string - Prevent deployment of images with vulnerability severity equal or higher than the specified value. Images must be scanned before this takes effect. Possible values:
"critical"
,"high"
,"medium"
,"low"
,"none"
. (Default:""
- empty) - Enable
Content boolTrust - Enables Content Trust for project. When enabled it queries the embedded docker notary server. (Default:
false
). - Enable
Content boolTrust Cosign - Enables Content Trust Cosign for project. When enabled it queries Cosign. (Default:
false
) - Force
Destroy bool - A boolean that indicates all repositories should be deleted from the project so that the project can be destroyed without error. These repositories are not recoverable.
- Name string
- The name of the project that will be created in harbor.
- Project
Id int - The project id of this resource.
- Public bool
- The project will be public accessibility.(Default:
false
) - Registry
Id int - To enable project as Proxy Cache.
- Storage
Quota int - The storage quota of the project in GB's.
- Vulnerability
Scanning bool - Images will be scanned for vulnerabilities when push to harbor. (Default:
true
)
- Auto
Sbom boolGeneration - Automatically generate SBOM for images pushed to this project. (Default:
false
) can only be used with Harbor version v2.11.0 and above - Cve
Allowlists []string - Project allowlist allows vulnerabilities in this list to be ignored in this project when pushing and pulling images. Should be in the format or
["CVE-123", "CVE-145"]
or["CVE-123"]
- Deployment
Security string - Prevent deployment of images with vulnerability severity equal or higher than the specified value. Images must be scanned before this takes effect. Possible values:
"critical"
,"high"
,"medium"
,"low"
,"none"
. (Default:""
- empty) - Enable
Content boolTrust - Enables Content Trust for project. When enabled it queries the embedded docker notary server. (Default:
false
). - Enable
Content boolTrust Cosign - Enables Content Trust Cosign for project. When enabled it queries Cosign. (Default:
false
) - Force
Destroy bool - A boolean that indicates all repositories should be deleted from the project so that the project can be destroyed without error. These repositories are not recoverable.
- Name string
- The name of the project that will be created in harbor.
- Project
Id int - The project id of this resource.
- Public bool
- The project will be public accessibility.(Default:
false
) - Registry
Id int - To enable project as Proxy Cache.
- Storage
Quota int - The storage quota of the project in GB's.
- Vulnerability
Scanning bool - Images will be scanned for vulnerabilities when push to harbor. (Default:
true
)
- auto
Sbom BooleanGeneration - Automatically generate SBOM for images pushed to this project. (Default:
false
) can only be used with Harbor version v2.11.0 and above - cve
Allowlists List<String> - Project allowlist allows vulnerabilities in this list to be ignored in this project when pushing and pulling images. Should be in the format or
["CVE-123", "CVE-145"]
or["CVE-123"]
- deployment
Security String - Prevent deployment of images with vulnerability severity equal or higher than the specified value. Images must be scanned before this takes effect. Possible values:
"critical"
,"high"
,"medium"
,"low"
,"none"
. (Default:""
- empty) - enable
Content BooleanTrust - Enables Content Trust for project. When enabled it queries the embedded docker notary server. (Default:
false
). - enable
Content BooleanTrust Cosign - Enables Content Trust Cosign for project. When enabled it queries Cosign. (Default:
false
) - force
Destroy Boolean - A boolean that indicates all repositories should be deleted from the project so that the project can be destroyed without error. These repositories are not recoverable.
- name String
- The name of the project that will be created in harbor.
- project
Id Integer - The project id of this resource.
- public_ Boolean
- The project will be public accessibility.(Default:
false
) - registry
Id Integer - To enable project as Proxy Cache.
- storage
Quota Integer - The storage quota of the project in GB's.
- vulnerability
Scanning Boolean - Images will be scanned for vulnerabilities when push to harbor. (Default:
true
)
- auto
Sbom booleanGeneration - Automatically generate SBOM for images pushed to this project. (Default:
false
) can only be used with Harbor version v2.11.0 and above - cve
Allowlists string[] - Project allowlist allows vulnerabilities in this list to be ignored in this project when pushing and pulling images. Should be in the format or
["CVE-123", "CVE-145"]
or["CVE-123"]
- deployment
Security string - Prevent deployment of images with vulnerability severity equal or higher than the specified value. Images must be scanned before this takes effect. Possible values:
"critical"
,"high"
,"medium"
,"low"
,"none"
. (Default:""
- empty) - enable
Content booleanTrust - Enables Content Trust for project. When enabled it queries the embedded docker notary server. (Default:
false
). - enable
Content booleanTrust Cosign - Enables Content Trust Cosign for project. When enabled it queries Cosign. (Default:
false
) - force
Destroy boolean - A boolean that indicates all repositories should be deleted from the project so that the project can be destroyed without error. These repositories are not recoverable.
- name string
- The name of the project that will be created in harbor.
- project
Id number - The project id of this resource.
- public boolean
- The project will be public accessibility.(Default:
false
) - registry
Id number - To enable project as Proxy Cache.
- storage
Quota number - The storage quota of the project in GB's.
- vulnerability
Scanning boolean - Images will be scanned for vulnerabilities when push to harbor. (Default:
true
)
- auto_
sbom_ boolgeneration - Automatically generate SBOM for images pushed to this project. (Default:
false
) can only be used with Harbor version v2.11.0 and above - cve_
allowlists Sequence[str] - Project allowlist allows vulnerabilities in this list to be ignored in this project when pushing and pulling images. Should be in the format or
["CVE-123", "CVE-145"]
or["CVE-123"]
- deployment_
security str - Prevent deployment of images with vulnerability severity equal or higher than the specified value. Images must be scanned before this takes effect. Possible values:
"critical"
,"high"
,"medium"
,"low"
,"none"
. (Default:""
- empty) - enable_
content_ booltrust - Enables Content Trust for project. When enabled it queries the embedded docker notary server. (Default:
false
). - enable_
content_ booltrust_ cosign - Enables Content Trust Cosign for project. When enabled it queries Cosign. (Default:
false
) - force_
destroy bool - A boolean that indicates all repositories should be deleted from the project so that the project can be destroyed without error. These repositories are not recoverable.
- name str
- The name of the project that will be created in harbor.
- project_
id int - The project id of this resource.
- public bool
- The project will be public accessibility.(Default:
false
) - registry_
id int - To enable project as Proxy Cache.
- storage_
quota int - The storage quota of the project in GB's.
- vulnerability_
scanning bool - Images will be scanned for vulnerabilities when push to harbor. (Default:
true
)
- auto
Sbom BooleanGeneration - Automatically generate SBOM for images pushed to this project. (Default:
false
) can only be used with Harbor version v2.11.0 and above - cve
Allowlists List<String> - Project allowlist allows vulnerabilities in this list to be ignored in this project when pushing and pulling images. Should be in the format or
["CVE-123", "CVE-145"]
or["CVE-123"]
- deployment
Security String - Prevent deployment of images with vulnerability severity equal or higher than the specified value. Images must be scanned before this takes effect. Possible values:
"critical"
,"high"
,"medium"
,"low"
,"none"
. (Default:""
- empty) - enable
Content BooleanTrust - Enables Content Trust for project. When enabled it queries the embedded docker notary server. (Default:
false
). - enable
Content BooleanTrust Cosign - Enables Content Trust Cosign for project. When enabled it queries Cosign. (Default:
false
) - force
Destroy Boolean - A boolean that indicates all repositories should be deleted from the project so that the project can be destroyed without error. These repositories are not recoverable.
- name String
- The name of the project that will be created in harbor.
- project
Id Number - The project id of this resource.
- public Boolean
- The project will be public accessibility.(Default:
false
) - registry
Id Number - To enable project as Proxy Cache.
- storage
Quota Number - The storage quota of the project in GB's.
- vulnerability
Scanning Boolean - Images will be scanned for vulnerabilities when push to harbor. (Default:
true
)
Import
$ pulumi import harbor:index/project:Project main /projects/1
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- harbor pulumiverse/pulumi-harbor
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
harbor
Terraform Provider.