Summary
Connects to any Harbor 2.x registry (SaaS or self-hosted) and surfaces the cleanup operations DevOps teams actually need: storage reports broken down by project and repo, cleanup candidate suggestions based on age and pull history, and bulk deletion of untagged or old artifacts. The delete tools default to dry run and carry destructive hints so Claude will ask before wiping anything. Built with FastMCP over stdio, uses Pydantic validation, and includes scan vulnerability counts when available. Differentiates itself from other Harbor MCPs by going beyond basic list and get operations to expose the disk space reclamation workflows. Authentication via robot accounts recommended.
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
harbor-registry-mcp
MCP server for Harbor Registry. Lets an LLM agent (Claude Code, Cursor, OpenCode, etc.) list projects, repositories and artifacts, run storage reports, find cleanup candidates, and delete untagged or old artifacts — all with safety rails (dry-run by default for bulk delete).
Python, FastMCP, stdio transport.
Works with any Harbor 2.x instance — SaaS or self-hosted / on-prem.
Why another Harbor MCP?
A couple of community Harbor MCPs exist (nomagicln/mcp-harbor, bupd/harbor-mcp-server) but they expose only the basic list/get endpoints. This one adds storage reports, cleanup candidates, delete untagged, and delete old artifacts with dry-run — the operations DevOps engineers actually need to reclaim disk space.
Design highlights
- Tool annotations — read-only tools get
readOnlyHint: True; destructive ones (harbor_delete_*) carrydestructiveHint: Trueso MCP clients ask for confirmation. - Dry-run by default on bulk cleanup (
harbor_delete_old_artifacts(dry_run=True)) — the agent must flip it to execute. - Structured output — every tool returns a typed payload (TypedDict) + a markdown summary.
- Structured errors — 401 / 403 / 404 / 429 / 5xx mapped to actionable hints.
- Pydantic input validation for every argument.
- Vulnerability snapshot —
harbor_list_artifactssurfaces scan status and counts ifwith_scan_overviewis enabled.
Features (8 tools)
Discovery & inspection
harbor_list_projects— projects with repo counts and visibilityharbor_list_repos— repositories in a projectharbor_list_artifacts— artifacts in a repository with tags/size/scan statusharbor_storage_report— full project storage breakdown (all repos × all artifacts)
Cleanup planning
harbor_cleanup_candidates— suggest what to delete (untagged, never-pulled, old versions)
Cleanup execution (destructive)
harbor_delete_artifact— delete a single artifact by tag or digestharbor_delete_untagged— delete all untagged artifacts in a project/repoharbor_delete_old_artifacts— keep N latest per repo, delete the rest (dry-run default)
Installation
Requires Python 3.10+.
# via uvx (recommended)
uvx --from harbor-registry-mcp harbor-registry-mcp
# or via pipx
pipx install harbor-registry-mcp
Configuration
claude mcp add harbor -s project \
--env HARBOR_URL=https://harbor.example.com \
--env HARBOR_USERNAME='robot$your-robot' \
--env HARBOR_PASSWORD=your-robot-token \
--env HARBOR_SSL_VERIFY=true \
-- uvx --from harbor-registry-mcp harbor-registry-mcp
Or in .mcp.json:
{
"mcpServers": {
"harbor": {
"type": "stdio",
"command": "uvx",
"args": ["--from", "harbor-registry-mcp", "harbor-registry-mcp"],
"env": {
"HARBOR_URL": "https://harbor.example.com",
"HARBOR_USERNAME": "robot$your-robot",
"HARBOR_PASSWORD": "${HARBOR_PASSWORD}",
"HARBOR_SSL_VERIFY": "true"
}
}
}
}
Check:
claude mcp list
# harbor: uvx --from harbor-registry-mcp harbor-registry-mcp - ✓ Connected
Environment variables
| Variable | Required | Description |
|---|---|---|
HARBOR_URL | yes | Harbor URL (no trailing slash) |
HARBOR_USERNAME | yes | Harbor username — robot account recommended |
HARBOR_PASSWORD | yes | Password or robot token |
HARBOR_SSL_VERIFY | no | true/false. Default: true. |
Example usage
- "Storage report for project
einvy-pub" - "Find cleanup candidates in
qa-assistant— keep latest 3" - "Delete all untagged artifacts in
qa-assistant" - "Dry-run delete of old artifacts in
qa-assistant/pgvector-rag, keep 1 latest" - "What's in
einvy-pub/my-image?"
Safety
- Read tools use
readOnlyHint: True— no confirmation needed. - Delete tools use
destructiveHint: True— clients should confirm. harbor_delete_old_artifactsdefaults todry_run=True; the agent must explicitly setdry_run=Falseto actually delete.harbor_cleanup_candidatesis read-only — it only suggests candidates, never deletes.
Development
git clone https://github.com/mshegolev/harbor-registry-mcp.git
cd harbor-registry-mcp
pip install -e '.[dev]'
pytest
License
MIT © Mikhail Shchegolev
Featured
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →Configuration
HARBOR_URL*Harbor URL (e.g. https://harbor.example.com)
HARBOR_USERNAME*Harbor username (robot account recommended for automation)
HARBOR_PASSWORD*secretHarbor password or robot account token
HARBOR_SSL_VERIFYdefault: trueVerify SSL certificates (true/false). Set to 'false' for self-signed certs.