Platform One's repository for hardened & approved container images ( product | pages ).
It is 100% free but requires Platform One (P1) SSO account to make use of.
Register for a P1 SSO account here: https://login.dso.mil/register .
Iron Bank is currently backed by an instance of the Harbor registry. To login, point your brower to the Iron Bank Harbor UI here: https://registry1.dso.mil/harbor .
Once there, click the Login via OIDC Provider button & use your P1 SSO account to authenticate.
After that you're free to take the UI for a spin & browse available images.
Zarf is a CLI tool and so needs an automated (read: non-UI) way to login & pull images. Harbor provides authenticated users with a second, separate credential for doing just that: the "CLI secret".
In order to figure out what your personal "CLI secret" is you first need to log into the Iron Bank Harbor Web UI (as above).
Then, pop open your "User Profile" and copy down your Username and CLI secret.
Take note
You need your Username specifically—trying to log Zarf into Iron Bank using Email will not work!
Once you've pulled your credentials from the Harbor UI, Zarf can be granted access (in your name!) with a command like this:
./zarf tools registry login registry1.dso.mil -u <YOUR_USERNAME> -p <YOUR_CLI_SECRET>Zarf will dump an auth file into your user home directory—$HOME/.docker/config.json—in a format that will be familiar to you if you've ever used docker login before.
Beware!
This file contains your personal credentials for interacting with Iron Bank and could be used to impersonate you. Make sure to keep this file safe!