Harbor for Supply Chain Security 

Course & Training

Implement and automate Harbor as a central building block for secure container registry infrastructures, software distribution, and supply chain security.

Discover in this two-day workshop how Harbor serves as a robust, production-ready container registry that forms the foundation for a secure software supply chain. From installation through OIDC integration and vulnerability scanning to Infrastructure as Code and GitOps workflows – learn hands-on how to establish Harbor as the trusted core of your containerized infrastructure. The course addresses the perspectives of security leaders, operations teams, and developers equally.

In-House Course:

We are happy to conduct tailored courses for your team - on-site, remotely or in our course rooms.

Request In-House Course

Public Course Schedule:

   

Content:


In this workshop, you will learn how to implement Harbor as a central, secure container registry in your infrastructure and establish it as a trusted building block for your software supply chain. The course addresses three target groups: security leaders (CISOs), operations teams, and developers – with hands-on content for each perspective.
Thanks to hands-on exercises and real-world scenarios, you will develop the ability to operate Harbor as a stable, secure, and scalable registry service. You will learn modern automation approaches with Infrastructure as Code and GitOps and discover how Harbor serves as a central hub for container images, Helm charts, AI/ML models, and other OCI artifacts.

Day 1 – Installation, Security & Governance:
– Welcome, Setup & Lab Environment
– Harbor Fundamentals:
... - Harbor architecture and components
... - Installation and basic configuration
... - Harbor as central hub for all organizational images
... - High availability and scaling
– Identity & Access Management:
... - OIDC integration (Keycloak, Azure AD, Okta, Google)
... - LDAP/Active Directory integration
... - User and role management (RBAC)
... - Project-based access control and multi-tenancy
– Security & Compliance (CISO Perspective):
... - Vulnerability scanning with Trivy
... - SBOM generation and export
... - Audit trails and compliance reporting
... - Policy-based image control
... - SSL/TLS configuration and certificate management
– Operational Control (Ops Perspective):
... - Quotas and resource control
... - Retention policies and tag management
... - Garbage collection and storage management
... - Proxy cache: Centrally cache external registries

Day 2 – Automation, Distribution & Integration:
– Replication & Distribution:
... - Bidirectional image replication (push & pull)
... - Replication to/from Docker Hub, ECR, GCR, ACR, Quay
... - Software distribution to customers and partners
... - Edge and IoT distribution scenarios
– Infrastructure as Code & GitOps:
... - Harbor provisioning with Terraform
... - Pulumi and Crossplane for Harbor
... - GitOps workflows for registry configuration
... - Robot accounts for automated pipelines
... - RESTful API and CLI for automation
– OCI Artifacts & Beyond Images:
... - Store and distribute Helm charts in Harbor
... - AI/ML models as OCI artifacts
... - Cosign: Image signing and verification
... - Supply chain automation workflows
– CI/CD & Kubernetes Integration:
... - CI/CD pipeline integration (GitHub Actions, GitLab CI, Jenkins)
... - Kubernetes image pull secrets
... - Webhook integration for automation
... - Performance monitoring and troubleshooting
... - Best practices for production environments


Disclaimer: The actual course content may vary from the above, depending on the trainer, implementation, duration and constellation of participants.

Whether we call it training, course, workshop or seminar, we want to pick up participants at their point and equip them with the necessary practical knowledge so that they can apply the technology directly after the training and deepen it independently.

Goal:

After this course, you will be able to successfully implement and operate Harbor as a central, secure container registry in your infrastructure. You will acquire practical skills in installing, configuring, and hardening Harbor as well as integrating modern identity providers via OIDC.
From the CISO perspective, you will learn how Harbor provides complete visibility into vulnerabilities and SBOMs and how policies control image usage. From the Ops perspective, you will master quotas, retention policies, garbage collection, and proxy caching. As a developer or DevOps engineer, you will automate Harbor with Terraform, Pulumi, or Crossplane and integrate it seamlessly into CI/CD pipelines.
You will discover how Harbor serves as a central hub for container images, Helm charts, and AI/ML models, and how bidirectional replication enables collaboration with customers, partners, and edge locations.


Duration:

 2 Days (Is individually adapted for in-house courses.)


Form:

The course is well structured and consists of theoretical explanations and practical exercises. You will be accompanied by an experienced trainer who can answer questions.


Target Audience:

This course is designed for three target groups: security leaders and CISOs who need visibility and control over their container supply chain; DevOps engineers and platform engineers who want to automate Harbor operations and integrate it into CI/CD pipelines; and operations teams and system administrators who manage Harbor as a stable, scalable service.


Requirements:

Basic knowledge of container technologies (Docker/Podman) and CI/CD pipelines.
Experience with Linux systems and basic networking knowledge.
Basic understanding of Kubernetes is helpful but not mandatory.
Laptop with local installation rights recommended.


Preparation:

Every participant will receive a questionnaire and a preparation checklist after registration. We provide a comprehensive laboratory environment for each participant, so that all participants can directly implement their own experiments and even complex scenarios.

Request In-House Course:

In-House Kurs Anfragen

Waitinglist for public course:

Sign up for the waiting list for more public course dates. Once we have enough people on the waiting list, we will determine a date that suits everyone as much as possible and schedule a new session. If you want to participate directly with two colleagues, we can even plan a public course specifically for you.

Waiting List Request

(If you already have 3 or more participants, we will discuss your preferred date directly with you and announce the course.)

More about Harbor



Harbor is an open-source artifact registry initially developed by VMware and donated to the Cloud Native Computing Foundation (CNCF), where it achieved graduated project status. While Harbor started as a container registry, it has evolved into a comprehensive artifact management platform supporting container images, Helm charts, AI/ML models, and any OCI-compliant artifact. Harbor extends beyond basic registry functionality with enterprise features such as security, identity management, policy enforcement, and supply chain controls.



As a central component in the software supply chain, Harbor not only provides secure storage of container images but also comprehensive security features such as vulnerability scanning, SBOM generation, and policy-based access control. Beyond container images, Harbor also supports Helm charts, AI/ML models, and other OCI-compliant artifacts. This makes Harbor the ideal solution for organizations that want to implement the highest security standards in their containerized infrastructure.






History


Harbor was originally developed by VMware and released as an open-source project in 2016. The project emerged from the need to create an enterprise-ready container registry that goes beyond the basic functions of the Docker Registry.


In 2018, Harbor joined the Cloud Native Computing Foundation (CNCF) as an Incubating Project and achieved Graduated Project status in 2020. This underscores the importance and maturity of Harbor in the cloud-native ecosystem.


Harbor has established itself as the de-facto standard for secure container registries in enterprise environments and is used by numerous organizations worldwide. Continuous development by the community and integration with modern security tools make Harbor a future-proof solution for software supply chain security.