Try JFrog
Guides
Contact SupportTry JFrog
  1. Migration
  2. Nexus Repository Manager Migration to JFrog Artifactory

Migration Tool Run in Multiple Stages

Run migration stages sequentially (config, getConfig, createRepo, migrateArtifact, migrateSecurity) with options to filter repos and resume.

Run the script with the options in the following order if you want to go through the different stages individually.

  1. config
  2. getConfig
  3. createRepo
  4. migrateArtifact
  5. migrateSecurity

The following table provides information about the options available with the migrator script.

Option

Description

all

Run the migration script in a single step.

disable-security-migration - This option disables fetching security details—such as users, groups, and privileges—from Nexus during migration.

For example,

/jfrog-nexus-migrator-<version>.sh all --disable-security-migration="true"

config, c

Configure information about Artifactory and Nexus Repository.

getConfig, gc

Get configuration information from Nexus Repository.

disable-security-migration - This option disables fetching security details—such as users, groups, and privileges—from Nexus during migration.

For example,

/jfrog-nexus-migrator-<version>.sh gc --disable-security-migration="true"

createRepo, cr

Create target repositories in Artifactory.

migrateArtifact, ma

Migrate artifacts from Nexus Repository to Artifactory.

You can use the following optional commands when you migrate from Nexus 3.

  • repos - To specify the repositories to migrate.

    For example, /jfrog-nexus-migrator-<version>.sh ma --repos="docker-local,maven-release" command, migrates docker-local and maven-release repositories and ignores the rest of the repositories.

    You can also wildcards inputs to migrate all repositories that satisfies the condition.

    For example, /jfrog-nexus-migrator-<version>.sh ma --repos="docker*,maven*" command, migrates all repositories that start with docker or maven.

  • check-binary-exists - Skip the artifacts if they exist in Artifactory. Also, if Artifactory already contains a user-readable artifact with the same checksum, the artifact content is copied over to the new location. The default value is false.

  • force - Forces migration run for all repositories regardless of their migration status. The default value is false.

  • print-failed-artifacts - Prints the list of all artifacts that failed the migration process to the file, failedArtifacts.txt.

  • include-pattern - To migrate artifacts from specific repository paths, use the option --include-pattern=<path1>,<path2>,.... It supports multiple comma-separated patterns. For example:

       - Single pattern: `./jfrog-nexus-migrator-<version>.sh ma --include-pattern="test/"`
   - Multiple patterns: `./jfrog-nexus-migrator-<version>.sh ma --include-pattern="test/,prod/,staging/"`

    Only artifacts matching the specified patterns are migrated.

  • use-existing-asset-file - To fetch the asset list that contains the artifacts to migrate from an external file.

    Keep the asset file with name as <repo-name>_assetmap.json inside migration/nexus-migrator folder and set --use-existing-asset-file="true" while running the migrateArtifacts step.

    ./jfrog-nexus-migrator-<version>.sh ma --use-existing-asset-file="true"

  • include-assets-created-after - Includes only the assets created after this date ("YYYY-MM-DDT00:00:00.000Z") for migration. For example, --include-assets-created-after="2025-01-01T00:00:00.000Z"

  • include-assets-downloaded-after - Includes only the assets downloaded after this date ("YYYY-MM-DDT00:00:00.000Z") for migration. For example, --include-assets-downloaded-after="2025-01-01T00:00:00.000Z"

📘

Note

If both flags (include-assets-created-after and include-assets-downloaded-after) are provided, include-assets-created-after takes precedence.

migrateSecurity, ms

Migrate users, groups, and permission targets from Nexus Repository to Artifactory.

You can run the migration script with the getConfig, createRepo, migrateArtifact, and migrateSecurity options in sequence to load new objects from the configured Nexus Repository Manager into Artifactory. If you pause the migration on a Nexus 3 installation and resume later, the migrator tool migrates only repositories and security entities added after the pause. For Nexus 2 installations, the migrator tool migrates all repositories and security entities regardless of whether they were migrated before the pause.

📘

Note

If you convert an existing repository to a federated repository, the migrator tool migrates new artifacts to the federated repository.

The migrator tool creates YAML files and JSON files based on the Nexus Repository Manager inside the folder, <working directory>/migration/nexus-migrator.

The migrator tool creates the following configuration files:

  • migrationConfig.yaml
  • repositories.list
  • repositories.yaml
  • security.json
  • securityLdapConf.yaml
  • securityRegexMap.list

Related Topics

Frequently Asked Questions

This section provides answers to frequently asked questions.

FAQs
Q: What is the required order for running the migration stages?

A: The stages must run in this sequence: config, getConfig, createRepo, migrateArtifact, then migrateSecurity. Running them out of order will produce incomplete or inconsistent results in Artifactory.

Q: How do I migrate only specific repositories instead of all repositories?

A: Use the --repos option with the migrateArtifact (ma) stage. You can specify a comma-separated list of exact repository names or use wildcard patterns. For example, --repos="docker*,maven*" migrates all repositories whose names start with docker or maven.

Q: What happens if I pause the migration and resume it later?

A: For Nexus 3 installations, resuming migration processes only repositories and security entities added after the pause. For Nexus 2 installations, the migrator tool migrates all repositories and security entities regardless of whether they were previously migrated.

Q: How do I skip artifacts that already exist in Artifactory?

A: Pass the --check-binary-exists flag to the migrateArtifact stage. When set, the tool skips artifacts already present in Artifactory. If Artifactory already contains a user-readable artifact with the same checksum, the artifact content is copied to the new location rather than re-downloaded.

Q: How do I exclude security data such as users, groups, and privileges from migration?

A: Add --disable-security-migration="true" to the all or getConfig stage command. For example: ./jfrog-nexus-migrator-<version>.sh gc --disable-security-migration="true". This prevents the tool from fetching security details from Nexus during that stage.