{"id":13679858,"url":"https://github.com/jfrog/docker2artifactory","last_synced_at":"2025-10-10T02:56:18.665Z","repository":{"id":49333608,"uuid":"128829311","full_name":"jfrog/docker2artifactory","owner":"jfrog","description":null,"archived":false,"fork":false,"pushed_at":"2023-02-12T13:46:46.000Z","size":122,"stargazers_count":30,"open_issues_count":7,"forks_count":14,"subscribers_count":48,"default_branch":"master","last_synced_at":"2025-04-29T19:35:32.665Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jfrog.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SecurityMigrator.py","support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2018-04-09T20:23:05.000Z","updated_at":"2025-02-10T15:32:37.000Z","dependencies_parsed_at":"2024-01-14T15:04:15.534Z","dependency_job_id":"7fa80472-8207-4c4e-9af5-404cd4139434","html_url":"https://github.com/jfrog/docker2artifactory","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/jfrog/docker2artifactory","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jfrog%2Fdocker2artifactory","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jfrog%2Fdocker2artifactory/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jfrog%2Fdocker2artifactory/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jfrog%2Fdocker2artifactory/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jfrog","download_url":"https://codeload.github.com/jfrog/docker2artifactory/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jfrog%2Fdocker2artifactory/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279002512,"owners_count":26083403,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-10T02:00:06.843Z","response_time":62,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-02T13:01:10.321Z","updated_at":"2025-10-10T02:56:18.638Z","avatar_url":"https://github.com/jfrog.png","language":"Python","funding_links":[],"categories":["Python"],"sub_categories":[],"readme":"Docker2Artifactory\n==================\nThis tool is designed to ease the transition from 3rd party V2 Docker registries to JFrog Artifactory.\n\n---\n# Features\n\n## Data Migration\n\n* [Token based registries](#generic-registry-migrator)\n* [Anonymous access registries](#generic-registry-migrator)\n* [DTR (Docker Trusted Registry)](#dtr-registry-migrator)\n* [Quay (SaaS)](#quay-registry-migrator)\n* [Quay EE (Enterprise Edition)](#quay-enterprise-edition-registry-migrator)\n* [ECR](#amazon-ecr-registry-migrator)\n* [GCR](#google-container-registry-migrator)\n\n## Security Migration (Users, Groups and Permissions)\n\n* [Docker EE (UCP and DTR)](#docker-ee-security-migration)\n* [Quay EE](#quay-ee-security-migration)\n\n## Requirements\n\n* Artifactory 4.4.3+\n * JCR 6.15.0+ - Data migration only, security migration not supported \n* Python 2 (tested on 2.7) **or** Docker with internet access\n\n---\n# Usage\n\n## Data Migration\n\n1. Checkout the project: \n```bash\ngit clone https://github.com/JFrogDev/docker2artifactory.git\n```\n2. Go into the directory you just cloned\n3. Run the tool:\n * Using Python: \n```bash\npython DockerMigrator.py ......\n```\n * Using Docker: \n```bash\ndocker run -it --rm --name my-running-script -v \"$PWD\":/usr/src/myapp -w /usr/src/myapp python:2.7.14 python DockerMigrator.py .....\n```\n\n### Generic registry migrator\nThe generic registry migrator works against token based registries. This includes DockerHub, Artifactory registries, and many others. The this tool has two modes of operation, auto-discovery and guided migrations. In auto-discovery mode, the tool will query the source registry (using standard Docker registry apis) to get a full listing of all the available image names and tags. It will then migrate all of the images it finds. In the guided mode, you provide a list of image names and tags you wish to migrate (see [Image file format](#image-file-format))\n\n#### Input\n\n```bash\nusage: python DockerMigrator.py generic [-h]\n [--source-username SOURCE_USERNAME]\n [--source-password SOURCE_PASSWORD]\n [--ignore-certs] [--overwrite]\n [--num-of-workers WORKERS] [-v]\n [--image-file IMAGE_FILE]\n source artifactory username password\n repo\n\noptional arguments:\n -h, --help show this help message and exit\n --ignore-certs Ignore any certificate errors from both source and\n destination\n --overwrite Overwrite existing image/tag on the destination\n --num-of-workers WORKERS\n Number of worker threads. Defaults to 2.\n -v, --verbose Make the operation more talkative\n --image-file IMAGE_FILE\n Limit the import to a set of images in the provided\n file. Format of new line separated file: '\u003cimage-\n name\u003e:\u003ctag\u003e' OR '\u003cimage-name\u003e' to import all tags of\n that repository.\n\nsource:\n source The source registry URL\n --source-username SOURCE_USERNAME\n The username to use for authentication to the source\n --source-password SOURCE_PASSWORD\n The password to use for authentication to the source\n\nartifactory:\n artifactory The destination Artifactory URL\n username The username to use for authentication to Artifactory\n password The password to use for authentication to Artifactory\n repo The docker repository in Artifactory to store the images\n```\n\n#### Importing from DockerHub\nDockerHub does not implement the catalog API. To migrate images from DockerHub, follow these guide lines:\n\n1. Set the source registry URL as https://registry-1.docker.io\n2. Provide an [image file list](#image-file-format) of the images you want to migrate\n3. If the image is an 'offiial' image (like centos, busybox, hello-world), the name must be prepended with `library/`. For centos, this would look be `library/centos` or `library/centos:latest` for the latest tag.\n4. If you are migrating images that are private, provide the --source-username and --source-password.\n\n### DTR registry migrator\nThe DTR registry migrator works against the Docker Trusted Registry (DTR). The generic migrator can also be used for DTR but will rely on standard APIs (which have known issues in DTR). This version will use DTR proprietary APIs (api/v0) for the auto-discovery mechanism. The this tool has two modes of operation, auto-discovery and guided migrations. In auto-discovery mode, the tool will query DTR APIs to get a full listing of all the available image names and tags. It will then migrate all of the images it finds. In the guided mode, you provide a list of image names and tags you wish to migrate (see [Image file format](#image-file-format))\n\n#### Input\n\n```bash\nusage: python DockerMigrator.py dtr [-h] [--ignore-certs] [--overwrite]\n [--num-of-workers WORKERS] [-v]\n [--image-file IMAGE_FILE]\n source dtr_username dtr_password\n artifactory username password repo\n\noptional arguments:\n -h, --help show this help message and exit\n --ignore-certs Ignore any certificate errors from both source and\n destination\n --overwrite Overwrite existing image/tag on the destination\n --num-of-workers WORKERS\n Number of worker threads. Defaults to 2.\n -v, --verbose Make the operation more talkative\n --image-file IMAGE_FILE\n Limit the import to a set of images in the provided\n file. Format of new line separated file: '\u003cimage-\n name\u003e:\u003ctag\u003e' OR '\u003cimage-name\u003e' to import all tags of\n that repository.\n\nsource:\n source The DTR registry URL\n dtr_username The username of a DTR admin\n dtr_password The DTR admin password or token\n\nartifactory:\n artifactory The destination Artifactory URL\n username The username to use for authentication to Artifactory\n password The password to use for authentication to Artifactory\n repo The docker repository in Artifactory to store the\n images\n```\n\n### Quay registry migrator\nThe Quay registry migrator works against Quay's SaaS offering. It works against both public and private registries. The this tool has two modes of operation, auto-discovery and guided migrations. In auto-discovery mode, the tool will query the source registry (using Quay specifc apis) to get a full listing of all the available image names and tags. It will then migrate all of the images it finds. In the guided mode, you provide a list of image names and tags you wish to migrate (see [Image file format](#image-file-format))\n\nTo use this tool, you **need** to [generate a token for internal application use](https://docs.quay.io/api/).\n\n#### Input\n\n```bash\nusage: python DockerMigrator.py quay [-h] [--ignore-certs] [--overwrite]\n [--num-of-workers WORKERS] [-v]\n [--image-file IMAGE_FILE]\n namespace token artifactory username\n password repo\n\noptional arguments:\n -h, --help show this help message and exit\n --ignore-certs Ignore any certificate errors from both source and\n destination\n --overwrite Overwrite existing image/tag on the destination\n --num-of-workers WORKERS\n Number of worker threads. Defaults to 2.\n -v, --verbose Make the operation more talkative\n --image-file IMAGE_FILE\n Limit the import to a set of images in the provided\n file. Format of new line separated file: '\u003cimage-\n name\u003e:\u003ctag\u003e' OR '\u003cimage-name\u003e' to import all tags of\n that repository.\n\nquay:\n namespace The username or organization to import repositories\n from\n token The OAuth2 Access Token\n\nartifactory:\n artifactory The destination Artifactory URL\n username The username to use for authentication to Artifactory\n password The password to use for authentication to Artifactory\n repo The docker repository in Artifactory to store the images\n```\n\n### Quay Enterprise Edition registry migrator\nThe Quay registry migrator works against Quay's Enterprise offering. It works against both public and private registries. The this tool has two modes of operation, auto-discovery and guided migrations. In auto-discovery mode, the tool will query the source registry to get a full listing of all the available image names and tags. It will then migrate all of the images it finds. In the guided mode, you provide a list of image names and tags you wish to migrate (see [Image file format](#image-file-format))\n\nTo use this tool, you need to provide the *super user's* credentials or an oauth [token](https://docs.quay.io/api/) with all permissions.\n\n#### LIMITATIONS\n\nQuay does not have the concept of an all seeing user. The super user cannot see other users' repositories. **To properly import all repositories, all users/organizations should grant the super user being used READ access to their repositories.**\n\n#### Input\n\n```bash\nusage: python DockerMigrator.py quayee [-h]\n [--source-username SOURCE_USERNAME]\n [--source-password SOURCE_PASSWORD]\n [--token TOKEN] [--ignore-certs]\n [--overwrite]\n [--num-of-workers WORKERS] [-v]\n [--image-file IMAGE_FILE]\n source artifactory username password\n repo\n\noptional arguments:\n -h, --help show this help message and exit\n --ignore-certs Ignore any certificate errors from both source and\n destination\n --overwrite Overwrite existing image/tag on the destination\n --num-of-workers WORKERS\n Number of worker threads. Defaults to 2.\n -v, --verbose Make the operation more talkative\n --image-file IMAGE_FILE\n Limit the import to a set of images in the provided\n file. Format of new line separated file: '\u003cimage-\n name\u003e:\u003ctag\u003e' OR '\u003cimage-name\u003e' to import all tags of\n that repository.\n\nsource:\n source The source registry URL\n --source-username SOURCE_USERNAME\n The super user username\n --source-password SOURCE_PASSWORD\n The super user password\n --token TOKEN The OAuth2 Access Token\n\nartifactory:\n artifactory The destination Artifactory URL\n username The username to use for authentication to Artifactory\n password The password to use for authentication to Artifactory\n repo The docker repository in Artifactory to store the images\n\n```\n\n### Amazon ECR registry migrator\nThe Amazon ECR registry migrator works against Amazon's ECR service. The this tool has two modes of operation, auto-discovery and guided migrations. In auto-discovery mode, the tool will query the source registry (using standard Docker registry apis) to get a full listing of all the available image names and tags. It will then migrate all of the images it finds. In the guided mode, you provide a list of image names and tags you wish to migrate (see [Image file format](#image-file-format))\n\n#### Getting the token\n\nAmazon does not support token authentication like Docker token based registries expect them. Instead, you need to generate an Amazon token/password (which will be valid for 12 hours) to use with this tool.\nTo do so, you can perform the following call with the aws tool (see [Registry Authentication](https://docs.aws.amazon.com/AmazonECR/latest/userguide/Registries.html#registry_auth)):\n\n\n```bash\naws ecr get-login --no-include-email\n```\n\nThis will produce an output like this:\n\n```bash\ndocker login -u AWS -p password https://aws_account_id.dkr.ecr.us-east-1.amazonaws.com\n```\n\nThe token you need to supply to this tool is the *password* from above, the source will be the URL provided above (in this example the token would be password and the source https://aws_account_id.dkr.ecr.us-east-1.amazonaws.com).\n\n#### Input\n\n```bash\nusage: python DockerMigrator.py ecr [-h] [--ignore-certs] [--overwrite]\n [--num-of-workers WORKERS] [-v]\n [--image-file IMAGE_FILE]\n source token artifactory username password\n repo\n\noptional arguments:\n -h, --help show this help message and exit\n --ignore-certs Ignore any certificate errors from both source and\n destination\n --overwrite Overwrite existing image/tag on the destination\n --num-of-workers WORKERS\n Number of worker threads. Defaults to 2.\n -v, --verbose Make the operation more talkative\n --image-file IMAGE_FILE\n Limit the import to a set of images in the provided\n file. Format of new line separated file: '\u003cimage-\n name\u003e:\u003ctag\u003e' OR '\u003cimage-name\u003e' to import all tags of\n that repository.\n\nsource:\n source The source registry URL\n token The token generated by the aws tool\n\nartifactory:\n artifactory The destination Artifactory URL\n username The username to use for authentication to Artifactory\n password The password to use for authentication to Artifactory\n repo The docker repository in Artifactory to store the images\n```\n\n\n### Google Container Registry migrator\nThe GCR migrator works against Google's GCR service. The this tool has two modes of operation, auto-discovery and guided migrations. In auto-discovery mode, the tool will query the source registry (using standard Docker registry apis) to get a full listing of all the available image names and tags. It will then migrate all of the images it finds. In the guided mode, you provide a list of image names and tags you wish to migrate (see [Image file format](#image-file-format))\n\n#### Getting the JSON key file\n\nYou will need a [JSON key file](https://support.google.com/cloud/answer/6158849#serviceaccounts) with the correct permissions to perform the migration. If you do not already have one, follow [Google's Advanced Authentication document](https://cloud.google.com/container-registry/docs/advanced-authentication#using_a_json_key_file).\n\n#### Input\n\n```bash\nusage: python DockerMigrator.py gcr [-h] [--source SOURCE] [--ignore-certs]\n [--overwrite] [--num-of-workers WORKERS]\n [-v] [--image-file IMAGE_FILE]\n keyfile artifactory username password repo\n\noptional arguments:\n -h, --help show this help message and exit\n --ignore-certs Ignore any certificate errors from both source and\n destination\n --overwrite Overwrite existing image/tag on the destination\n --num-of-workers WORKERS\n Number of worker threads. Defaults to 2.\n -v, --verbose Make the operation more talkative\n --image-file IMAGE_FILE\n Limit the import to a set of images in the provided\n file. Format of new line separated file: '\u003cimage-\n name\u003e:\u003ctag\u003e' OR '\u003cimage-name\u003e' to import all tags of\n that repository.\n\nsource:\n --source SOURCE The source registry URL (defaults to https://gcr.io)\n keyfile The Google JSON key file\n\nartifactory:\n artifactory The destination Artifactory URL\n username The username to use for authentication to Artifactory\n password The password to use for authentication to Artifactory\n repo The docker repository in Artifactory to store the images\n```\n\n### Image file format\nThe image file format accepts two types of entries. The first is specifying an image and optionally a namespace. The second is specifying an image (and optional a namespace) and a tag. When the first option is used (no tag is specified), the tool will migrate ALL the tags for that particular image name.\n\nFor example:\n```\nbusybox\njfrog/artifactory-pro\njfrog/mission-control:1.0\n```\n\nThis would result in all tags of `busybox` and `jfrog/artifactory-pro` being migrated but only the 1.0 tag for `jfrog/mission-control`.\n\n## Security Migration\n\nTo migrate security information from the Docker registry to Artifactory, follow the steps described at the Data Migration session but use the `SecurityMigrator.py` script instead of `DockerMigrator.py`. Examples:\n\n* Using Python: \n```bash\npython SecurityMigrator.py ......\n```\n * Using Docker: \n```bash\ndocker run -it --rm --name my-running-script -v \"$PWD\":/usr/src/myapp -w /usr/src/myapp python:2.7.14 python SecurityMigrator.py .....\n```\n\n### Docker EE Security Migration\n\nUsing this option, the tool reads Users, Organizations and Teams data from Docker Universal Control Plane (UCP) and Permissions information from Docker Trusted Registry (DTR) and creates the appropriate Users, Groups and Permissions in Artifactory. This feature has been tested with UCP 2.2.5 and DTR 2.4.1.\n\n#### Input\n\n```bash\nusage: python SecurityMigrator.py dockeree [-h] [--ignore-certs] [--overwrite]\n [-v]\n ucp dtr dockeree-username\n dockeree-password artifactory\n username password repo\n initial-password email-suffix\n\nDocker EE security data to Artifactory migrator. Migrates users, teams and\npermissions from Docker EE UCP and DTR to Artifactory.\n\npositional arguments:\n initial-password The password to be assigned to migrated users in\n Artifactory\n email-suffix The email suffix to be assigned to migrated users in\n Artifactory\n\noptional arguments:\n -h, --help show this help message and exit\n --ignore-certs Ignore any certificate errors from both source and\n destination\n --overwrite Overwrite existing users, groups or permissions on the\n destination\n -v, --verbose Make the operation more talkative\n\ndockeree:\n ucp The Docker Universal Control Plane (UCP) URL\n dtr The Docker Trusted Registry (DTR) URL\n dockeree-username The username to use for authentication to the Docker EE\n tools\n dockeree-password The password to use for authentication to the Docker EE\n tools\n\nartifactory:\n artifactory The destination Artifactory URL\n username The username to use for authentication to Artifactory\n password The password to use for authentication to Artifactory\n repo The docker repository in Artifactory to store the images\n```\n\n### Quay EE Security Migration\n\nUsing this option, the tool reads users, organization robots, organizations, teams, and permissions. The tools imports these elements (with some adjustments and mappings). See Limitations and Notes.\n\n#### LIMITATIONS AND NOTES\n\n* To use this tool, you **need** to [generate a token for internal application use (for a super user)](https://docs.quay.io/api/)\n* Only the organization/repos/permissions the super user has access to will be imported\n* To properly import all permissions, all users/organizations need to make the super user account being used to run this tool an admin of the repository/organization\n* Robot accounts\n * Imported only for organizations\n * Name changes from org+name to org-name\n * Retain their same keys but it is a password in Artifactory\n\n#### Input\n\n```bash\nusage: python SecurityMigrator.py quayee [-h] [--ignore-certs] [--overwrite]\n [-v]\n source token artifactory username\n password repo initial-password\n\nQuay EE security data to Artifactory migrator. Migrates users, teams and\npermissions from Quay EE to Artifactory.\n\npositional arguments:\n initial-password The password to be assigned to migrated users in\n Artifactory\n\noptional arguments:\n -h, --help show this help message and exit\n --ignore-certs Ignore any certificate errors from both source and\n destination\n --overwrite Overwrite existing users, groups or permissions on the\n destination\n -v, --verbose Make the operation more talkative\n\nsource:\n source The source registry URL\n token The OAuth2 Access Token of the super user\n\nartifactory:\n artifactory The destination Artifactory URL\n username The username to use for authentication to Artifactory\n password The password to use for authentication to Artifactory\n repo The docker repository in Artifactory to store the images\n ```\n\n\n---\n# Testing\n\nThis project uses Python's [unittest framework][]. To run the tests, you can use your favorite IDE, or run them from the command line.\n\n## Setup\n1. Copy the tests/config/*.example to tests/config/* and populate the properties\n2. Add an Artifactory license to tests/config/artifactory.lic\n\nTo run the unit tests from the command line (requires Python 2.7):\n\n``` shell\ncd tests\npython -m unittest discover -v -p \"*Test.py\"\n```\n\n[unittest framework]: https://docs.python.org/2/library/unittest.html\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjfrog%2Fdocker2artifactory","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjfrog%2Fdocker2artifactory","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjfrog%2Fdocker2artifactory/lists"}