Harbor
CNCF / VMwareCI/CD3 credentials
Harbor Administrator Password
harbor / admin-password
Harbor creates a local administrator account for portal, registry, and API administration. The initial password is deployment-configured in harbor.yml or Helm values.
Location
Harbor portal, REST API, Docker/OCI registry endpoints, and robot/account flowsHarbor database user and auth tables storing password verifier state
harbor.yml, values.yamlinitial admin password, auth mode, database, Redis, and registry settings
HARBOR_ADMIN_PASSWORDKubernetes Secrets, Helm secrets, Docker Compose secrets, and password vaults
core, portal, registry, jobservice, and authentication logs
Notes
No literal default is modeled; packaged examples often show placeholders, while real deployments set or generate the admin password.
Robot Account Token
harbor / robot-account-token
Harbor robot accounts use generated tokens for pull/push automation and CI/CD registry access.
Location
AuthorizationBasic authentication with robot account name and token for registry/API access
robot account records and token metadata
Docker config.json, Kubernetes imagePullSecrets, CI manifests, and Helm values
HARBOR_ROBOT_TOKEN, HARBOR_TOKENKubernetes Secrets, CI/CD variables, and vault entries
deployment repos, image pull secret templates, and test configs
registry auth logs and CI output
OIDC, LDAP, Database, and Registry Secrets
harbor / oidc-ldap-database-secrets
Harbor deployments store OIDC client secrets, LDAP bind passwords, database passwords, Redis passwords, registry HTTP secrets, token signing material, and scanner/replication credentials.
Location
harbor.yml, values.yamlauth, database, Redis, registry, token, scanner, and replication settings
replication endpoints, scanner credentials, OIDC/LDAP settings, and encrypted secrets
Kubernetes Secrets, Docker secrets, external vaults, and Helm secret stores
Helm charts, Terraform, and deployment manifests
Harbor backups and support bundles
Scope
Authorized use
LOLCreds helps map the credential surface of real products: known defaults, generated values, credential locations, and exposure patterns.