auth_mode |
StringConfigItem |
The auth mode of current system, such as "db_auth", "ldap_auth", "oidc_auth" |
[optional] |
ldap_base_dn |
StringConfigItem |
The Base DN for LDAP binding. |
[optional] |
ldap_filter |
StringConfigItem |
The filter for LDAP search |
[optional] |
ldap_group_base_dn |
StringConfigItem |
The base DN to search LDAP group. |
[optional] |
ldap_group_admin_dn |
StringConfigItem |
Specify the ldap group which have the same privilege with Harbor admin |
[optional] |
ldap_group_attribute_name |
StringConfigItem |
The attribute which is used as identity of the LDAP group, default is cn.' |
[optional] |
ldap_group_search_filter |
StringConfigItem |
The filter to search the ldap group |
[optional] |
ldap_group_search_scope |
IntegerConfigItem |
The scope to search ldap group. ''0-LDAP_SCOPE_BASE, 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE'' |
[optional] |
ldap_scope |
IntegerConfigItem |
The scope to search ldap users,'0-LDAP_SCOPE_BASE, 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE' |
[optional] |
ldap_search_dn |
StringConfigItem |
The DN of the user to do the search. |
[optional] |
ldap_timeout |
IntegerConfigItem |
Timeout in seconds for connection to LDAP server |
[optional] |
ldap_uid |
StringConfigItem |
The attribute which is used as identity for the LDAP binding, such as "CN" or "SAMAccountname" |
[optional] |
ldap_url |
StringConfigItem |
The URL of LDAP server |
[optional] |
ldap_verify_cert |
BoolConfigItem |
Whether verify your OIDC server certificate, disable it if your OIDC server is hosted via self-hosted certificate. |
[optional] |
ldap_group_membership_attribute |
StringConfigItem |
The user attribute to identify the group membership |
[optional] |
project_creation_restriction |
StringConfigItem |
Indicate who can create projects, it could be ''adminonly'' or ''everyone''. |
[optional] |
read_only |
BoolConfigItem |
The flag to indicate whether Harbor is in readonly mode. |
[optional] |
self_registration |
BoolConfigItem |
Whether the Harbor instance supports self-registration. If it''s set to false, admin need to add user to the instance. |
[optional] |
token_expiration |
IntegerConfigItem |
The expiration time of the token for internal Registry, in minutes. |
[optional] |
uaa_client_id |
StringConfigItem |
The client id of UAA |
[optional] |
uaa_client_secret |
StringConfigItem |
The client secret of the UAA |
[optional] |
uaa_endpoint |
StringConfigItem |
The endpoint of the UAA |
[optional] |
uaa_verify_cert |
BoolConfigItem |
Verify the certificate in UAA server |
[optional] |
http_authproxy_endpoint |
StringConfigItem |
The endpoint of the HTTP auth |
[optional] |
http_authproxy_tokenreview_endpoint |
StringConfigItem |
The token review endpoint |
[optional] |
http_authproxy_admin_groups |
StringConfigItem |
The group which has the harbor admin privileges |
[optional] |
http_authproxy_admin_usernames |
StringConfigItem |
The usernames which has the harbor admin privileges |
[optional] |
http_authproxy_verify_cert |
BoolConfigItem |
Verify the HTTP auth provider's certificate |
[optional] |
http_authproxy_skip_search |
BoolConfigItem |
Search user before onboard |
[optional] |
http_authproxy_server_certificate |
StringConfigItem |
The certificate of the HTTP auth provider |
[optional] |
oidc_name |
StringConfigItem |
The OIDC provider name |
[optional] |
oidc_endpoint |
StringConfigItem |
The endpoint of the OIDC provider |
[optional] |
oidc_client_id |
StringConfigItem |
The client ID of the OIDC provider |
[optional] |
oidc_groups_claim |
StringConfigItem |
The attribute claims the group name |
[optional] |
oidc_admin_group |
StringConfigItem |
The OIDC group which has the harbor admin privileges |
[optional] |
oidc_group_filter |
StringConfigItem |
The OIDC group filter which filters out the group doesn't match the regular expression |
[optional] |
oidc_scope |
StringConfigItem |
The scope of the OIDC provider |
[optional] |
oidc_user_claim |
StringConfigItem |
The attribute claims the username |
[optional] |
oidc_verify_cert |
BoolConfigItem |
Verify the OIDC provider's certificate' |
[optional] |
oidc_auto_onboard |
BoolConfigItem |
Auto onboard the OIDC user |
[optional] |
oidc_extra_redirect_parms |
StringConfigItem |
Extra parameters to add when redirect request to OIDC provider |
[optional] |
robot_token_duration |
IntegerConfigItem |
The robot account token duration in days |
[optional] |
robot_name_prefix |
StringConfigItem |
The rebot account name prefix |
[optional] |
notification_enable |
BoolConfigItem |
Enable notification |
[optional] |
quota_per_project_enable |
BoolConfigItem |
Enable quota per project |
[optional] |
storage_per_project |
IntegerConfigItem |
The storage quota per project |
[optional] |
audit_log_forward_endpoint |
StringConfigItem |
The endpoint of the audit log forwarder |
[optional] |
skip_audit_log_database |
BoolConfigItem |
Whether skip the audit log in database |
[optional] |
scan_all_policy |
ConfigurationsResponseScanAllPolicy |
|
[optional] |
session_timeout |
IntegerConfigItem |
The session timeout in minutes |
[optional] |