# Project: harbor-ctl

## Purpose

Command-line interface for managing Harbor container registry. Provides quick access to common operations without requiring the web UI or manual API calls.

## Scope

### In Scope

- Project, repository, and artifact listing
- Vulnerability scanning and reporting
- SBOM retrieval and display
- Tag management
- Artifact deletion
- Project configuration (auto-scan, auto-sbom)
- System information and storage status
- Garbage collection (status, trigger)
- User management (list, create, delete, admin privileges, password reset)
- Audit log viewing and purging
- CVE allowlist management
- System-wide vulnerability scanning

### Out of Scope

- LDAP/OIDC group management (external provider)
- Replication rule creation (complex, rare)
- Registry endpoint management (rare setup task)

## Success Criteria

- Modular package structure for maintainability
- No external dependencies (stdlib only)
- All common daily operations accessible via CLI
- Clear, scannable output for terminal use
- Exit codes suitable for scripting
- Credentials managed securely (no hardcoding)

## Constraints

- Python 3.10+ stdlib only
- Harbor API v2.0 compatibility
- Must work in minimal environments (no pip install required)
- Legacy single-file script maintained for compatibility

## Assumptions

- Harbor instance is accessible over HTTPS
- User has appropriate permissions for requested operations
- Credentials file follows established format when present

## References

- Harbor API docs: `~/git/harbor/docs`