Stefan Zhelev
Data Professional
phone
WhatsApp
PDF

Platform Registry

Cloud-native registry that stores and scans the platform's container images and artifacts.

image

Objective

A private container/artifact registry under platform control — image storage, vulnerability scanning, replication, and signing for everything Kubernetes pulls.

Open Source Alternatives

Harbor — 9 / 10

Self-hosted CNCF graduated registry with Trivy scanning, Cosign signature support, retention policies, replication, and a proper UI. The only OSS option that competes feature-for-feature with managed cloud registries. Operational footprint is real but justified.

Zot — 7 / 10

Minimalist OCI registry. OSS, lighter than Harbor, fewer features. Right for very small or edge deployments.

Docker Distribution — 5 / 10

The reference OCI registry implementation. Bare-bones, no UI or scanning. Building block, not a product.

Quay (OSS) — 7 / 10

Red Hat-built OSS registry. Less actively evolving than Harbor; reasonable in Red Hat-aligned shops.

Managed SaaS Alternatives

GitHub Container Registry (GHCR) — 8 / 10

Bundled with GitHub. Free for public repos, integrated with GitHub Actions. Limited governance and not self-hosted; convenient when GitHub is the source of truth.

Amazon ECR — 8 / 10

AWS-managed registry. Excellent inside AWS; locked to AWS for IAM. Strong for AWS-native workloads.

JFrog Artifactory — 9 / 10

Enterprise multi-format artifact platform — containers, Maven, npm, generic. Premium pricing, deep enterprise feature set.

GitLab Registry — 7 / 10

Bundled with GitLab. Convenient if GitLab is the forge; less feature-rich than Harbor.

Docker Hub — 7 / 10

Public-first registry. Free tier rate-limited, less control. Useful for public images; weak for private platform use.

Quay.io — 7 / 10

Red Hat-hosted Quay. Convenient in Red Hat shops.

Google Artifact Registry (GAR) — 8 / 10

GCP-native registry. Strong inside GCP; locked to it.

Azure Container Registry (ACR) — 8 / 10

Azure-native registry. Same notes as ECR / GAR for Azure-locked workloads.

Harbor Cloud (various vendors) — 8 / 10

Managed Harbor hosting from third parties. Same OSS technical model, hosted.

Scoring summary

Tool Score Type Best for
Harbor 9 OSS Self-hosted OSS registry
Artifactory 9 SaaS Enterprise multi-format artifacts
GHCR 8 SaaS GitHub-native, public repos
ECR 8 SaaS AWS-native
GAR 8 SaaS GCP-native
ACR 8 SaaS Azure-native
Harbor Cloud 8 SaaS Managed Harbor
GitLab Registry 7 SaaS GitLab-bundled
Docker Hub 7 SaaS Public images
Quay.io 7 SaaS Red Hat-aligned
Quay (OSS) 7 OSS Red Hat-aligned self-hosted
Zot 7 OSS Minimalist OCI
Docker Distribution 5 OSS Reference implementation

Top in this category

Top OSS pick: Harbor. Top managed pick: Artifactory (enterprise) or cloud-native ECR/GAR/ACR (cloud-locked).

Harbor is the unambiguous top of OSS self-hosted registries. This stack’s pick is the category top.

Work Experience

Epic Data Operations 7 months
Octopyth Data Engineering and Operations 1 year 11 months
MiFinity Business Intellignece Manager (1 direct report) 7 months
Nexo Senior Data Engineer (2 direct reports) 1 year 10 months
Rank Interactive Senior Data Analyst 1 year 8 months
IBM Predictive Analytics and Reporting 1 year 1 month
Hewlett-Packard Service Level Management and Reporting 6 years 2 months

Data Stack

Dagster Dagster workflows ClickHouse ClickHouse storage dlt dlt ingestion dbt dbt transformations Lightdash Lightdash dashboards Vault Vault secrets Headscale Headscale VPN Authentik Authentik SSO Grafana Grafana observability Elementary Elementary data quality Flux CD Flux CD deployment Forgejo Forgejo code repo Harbor Harbor registry Claude Code Claude Code coding Kubernetes Kubernetes containers