MCP server for Harbor Registry — projects, repos, artifacts, storage reports, cleanup

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for mshegolev from gravatar.com mshegolev

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License (MIT)
  • Author: Mikhail Shchegolev
  • Tags anthropic , claude , container-registry , devops , docker , harbor , mcp
  • Requires: Python >=3.10
  • Provides-Extra: dev
Classifiers
Report project as malware

Project description

harbor-registry-mcp

PyPI Python License: MIT

MCP server for Harbor Registry. Lets an LLM agent (Claude Code, Cursor, OpenCode, etc.) list projects, repositories and artifacts, run storage reports, find cleanup candidates, and delete untagged or old artifacts — all with safety rails (dry-run by default for bulk delete).

Python, FastMCP, stdio transport.

Works with any Harbor 2.x instance — SaaS or self-hosted / on-prem.

Why another Harbor MCP?

A couple of community Harbor MCPs exist (nomagicln/mcp-harbor, bupd/harbor-mcp-server) but they expose only the basic list/get endpoints. This one adds storage reports, cleanup candidates, delete untagged, and delete old artifacts with dry-run — the operations DevOps engineers actually need to reclaim disk space.

Design highlights

  • Tool annotations — read-only tools get readOnlyHint: True; destructive ones (harbor_delete_*) carry destructiveHint: True so MCP clients ask for confirmation.
  • Dry-run by default on bulk cleanup (harbor_delete_old_artifacts(dry_run=True)) — the agent must flip it to execute.
  • Structured output — every tool returns a typed payload (TypedDict) + a markdown summary.
  • Structured errors — 401 / 403 / 404 / 429 / 5xx mapped to actionable hints.
  • Pydantic input validation for every argument.
  • Vulnerability snapshotharbor_list_artifacts surfaces scan status and counts if with_scan_overview is enabled.

Features (8 tools)

Discovery & inspection

  • harbor_list_projects — projects with repo counts and visibility
  • harbor_list_repos — repositories in a project
  • harbor_list_artifacts — artifacts in a repository with tags/size/scan status
  • harbor_storage_report — full project storage breakdown (all repos × all artifacts)

Cleanup planning

  • harbor_cleanup_candidates — suggest what to delete (untagged, never-pulled, old versions)

Cleanup execution (destructive)

  • harbor_delete_artifact — delete a single artifact by tag or digest
  • harbor_delete_untagged — delete all untagged artifacts in a project/repo
  • harbor_delete_old_artifacts — keep N latest per repo, delete the rest (dry-run default)

Installation

Requires Python 3.10+.

# via uvx (recommended)
uvx --from harbor-registry-mcp harbor-registry-mcp

# or via pipx
pipx install harbor-registry-mcp

Configuration

claude mcp add harbor -s project \
  --env HARBOR_URL=https://harbor.example.com \
  --env HARBOR_USERNAME='robot$your-robot' \
  --env HARBOR_PASSWORD=your-robot-token \
  --env HARBOR_SSL_VERIFY=true \
  -- uvx --from harbor-registry-mcp harbor-registry-mcp

Or in .mcp.json:

{
  "mcpServers": {
    "harbor": {
      "type": "stdio",
      "command": "uvx",
      "args": ["--from", "harbor-registry-mcp", "harbor-registry-mcp"],
      "env": {
        "HARBOR_URL": "https://harbor.example.com",
        "HARBOR_USERNAME": "robot$your-robot",
        "HARBOR_PASSWORD": "${HARBOR_PASSWORD}",
        "HARBOR_SSL_VERIFY": "true"
      }
    }
  }
}

Check:

claude mcp list
# harbor: uvx --from harbor-registry-mcp harbor-registry-mcp - ✓ Connected

Environment variables

Variable Required Description
HARBOR_URL yes Harbor URL (no trailing slash)
HARBOR_USERNAME yes Harbor username — robot account recommended
HARBOR_PASSWORD yes Password or robot token
HARBOR_SSL_VERIFY no true/false. Default: true.

Example usage

  • "Storage report for project einvy-pub"
  • "Find cleanup candidates in qa-assistant — keep latest 3"
  • "Delete all untagged artifacts in qa-assistant"
  • "Dry-run delete of old artifacts in qa-assistant/pgvector-rag, keep 1 latest"
  • "What's in einvy-pub/my-image?"

Safety

  • Read tools use readOnlyHint: True — no confirmation needed.
  • Delete tools use destructiveHint: True — clients should confirm.
  • harbor_delete_old_artifacts defaults to dry_run=True; the agent must explicitly set dry_run=False to actually delete.
  • harbor_cleanup_candidates is read-only — it only suggests candidates, never deletes.

Development

git clone https://github.com/mshegolev/harbor-registry-mcp.git
cd harbor-registry-mcp
pip install -e '.[dev]'
pytest

License

MIT © Mikhail Shchegolev

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for mshegolev from gravatar.com mshegolev

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License (MIT)
  • Author: Mikhail Shchegolev
  • Tags anthropic , claude , container-registry , devops , docker , harbor , mcp
  • Requires: Python >=3.10
  • Provides-Extra: dev
Classifiers

Release history Release notifications | RSS feed

This version

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

harbor_registry_mcp-0.1.0.tar.gz (23.2 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

harbor_registry_mcp-0.1.0-py3-none-any.whl (19.9 kB view details)

Uploaded Python 3

File details

Details for the file harbor_registry_mcp-0.1.0.tar.gz.

File metadata

  • Download URL: harbor_registry_mcp-0.1.0.tar.gz
  • Upload date:
  • Size: 23.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for harbor_registry_mcp-0.1.0.tar.gz
Algorithm Hash digest
SHA256 fac36ef0a6cb474085d2a6ed52b085d0e5c38d5d85c2bc97b52ed072d396f209
MD5 b10e7d138947cccc03cb659e3bea0054
BLAKE2b-256 2e65dd075aa4fa559f1702751598e19dffdf57554560ea26d10a5b238d2be000

See more details on using hashes here.

Provenance

The following attestation bundles were made for harbor_registry_mcp-0.1.0.tar.gz:

Publisher: publish.yml on mshegolev/harbor-registry-mcp

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file harbor_registry_mcp-0.1.0-py3-none-any.whl.

File metadata

File hashes

Hashes for harbor_registry_mcp-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 c844770cc6cf13893ee0d98a52cfbe2e48cf3aea1692fbf7416ae0e238e34741
MD5 998e08684b1e59732f8b3e588b30a194
BLAKE2b-256 a6039f360d840e22c8f31ee1e6991f3706189e8565e9a89e6993ad8b9e6a9302

See more details on using hashes here.

Provenance

The following attestation bundles were made for harbor_registry_mcp-0.1.0-py3-none-any.whl:

Publisher: publish.yml on mshegolev/harbor-registry-mcp

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page