This week’s open-source project of the week, Harbor, is aiming to make working with containers more secure. Harbor is a cloud-native container image registry that stores, signs, and scans container images for potential vulnerabilities.
Key security features of the project include security and vulnerability analysis, and content signing and validation. On the management side of things, it offers multi-tenancy, extensible API and web UI, image replication across multiple Harbor instances, and identity integration and role-based access control.
Harbor is also an incubating project at the CNCF and has been since November 2018. The project started in 2014, the CNCF explained, by developers that wanted to solve the issue of storing images for developers who were learning how to use containers. Two years later, in 2016, the project was fully open sourced.
Report: Security is the biggest concern for those running containers
Report: The 10 most popular Docker images contain at least 30 vulnerabilities each
9 security best practices for Kubernetes you should be following
According to the project team, Harbor solves common issues of working with containers. The project helps fill in a gap for organizations who are unable to use a public or cloud-based registry, or those who just want a more consistent experience across different clouds.
The project recently released one of its biggest updates yet, version 1.9. That release added new features such as tag retention, webhook notifications, replication targets, and CVE exception policies.