The shutdown of Bintray and JCenter comes as a rough entry in the 2021 Bingo card for many developers - most Android projects as well as Gradle and many others publish their artifacts via Bintray into JCenter. The migration timelines are tight for both consumers and producers of artifacts - Bintray will stop accepting submissions at the end of February 2021, and the entire service will shut its lights on May 1, 2021.
As custodians of the Central Repository, we here at Sonatype understand the monumental effort that can go into maintaining a safe, reliable and robust open source ecosystem.
We want to assure the community that Sonatype's commitment to maintaining Central remains strong, and we are taking steps to ensure the projects that wish to migrate over from Bintray are supported.
This article is a practical guide on the steps you can take to ensure that your use and distribution of open source components continues smoothly. To learn more about our commitment to the users and publishers of the Central Repository read the recent blog post by Sonatype Co-Founder and Maven grandee Brian Fox.
Many projects that are available via JCenter have been mirrored from Central, and so for many the process should be a matter of changing repositories in configs. The steps outlined will be useful similarly for developers in Go using GoCenter or Helm users using ChartCentral.
Developers and consumers - three step plan
As a consumer, you have to change your configuration to use Central or other authority instead of JCenter. Most artifacts available through JCenter were actually mirrored from the Central Repository - so in many cases the migration will be a drop-in replacement by updating your build configuration. Similarly, Go and Helm now have official sources JFrog is advising you to migrate to.
The three-step plan you should follow as a consumer of open source is set below:
- NOW: Set up a proxy repository to cache your components.
- Test for component availability.
- Finalise your migration.
1. Set up a proxy repository to cache your components
One of the main concerns on May 1, 2021, will be the ongoing availability of the artifacts exclusively hosted in JCenter as JFrog have offered up no plan to migrate or archive the contents to the public. To combat this very imminent issue of missing artifacts affecting your builds on May 1, 2021, you should set up a proxy repository to JCenter which will store copies of what you are using - ensuring what you need is cached in your repository.
The easiest way to do so, is to use Nexus repository manager OSS. It comes set up with everything you need - just create a new proxy repository to JCenter and add it to the built-in group maven-public. Instructions on how to do this can be found here:
Java - use the Central Repository
As mentioned, most Java users will find the Central Repository their best port of call. The good news is all major artifact repositories come set up with Central connections out of the box. Getting a proxy to JCenter now and creating a group repository will help you cache what you need for the cutover.
- Proxying Maven Repositories - how to create a Proxy to JCenter with Nexus Repository Manager
- Grouping Maven Repositories with Sonatype Nexus Repository Manager
Go - use Go Dev
The recommended location to discover packages after GoCenter is shut down is https://pkg.go.dev . There are a number of public athens servers that help you download components easier - for example https://gonexus.dev/.
We recommend using group and proxy repositories similarly to Java to centralise the access to these new locations.
- Proxying Go Repositories with Sonatype Nexus Repository Manager
- Grouping Go Repositories with Sonatype Nexus Repository Manager
Helm - use ArtifactHub
Helm users will need to configure entirely new locations for their artifacts. The accepted community destination is https://artifacthub.io/ from the CNCF. Artifact hub can be proxied using Nexus Repository manager easily.
All tooling - changing configuration to use your new proxy and group
If you did the above steps, when the time comes for JCenter/GoCenter/ChartCenter to go offline you'll have stored copies of all you need to continue building. This also helps your developers experience, as they won't have to change the configuration once the switchover happens. See below how to configure tooling to use your new proxies.
Gradle, Kotlin and Android users
In your build.gradle repositories section needs to be updated in line with the examples from the gradle documentation:
We however recommend using a group repository to proxy all required sources - for example by using Sonatype Nexus Repository Manager OSS. To configure a connection to a proxy repository you may use the following snippet:
Make sure your WORKSPACE file has a maven central entry or a entry pointing to an artifact repository in the maven_install section:
artifacts = [
repositories = [
You should search for the built-in JCenter resolver and replace all entries to point to Central. See SBT documentation for more information:
Maven comes pre-configured with a Central connection in settings.xml and you most likely will already have the connection configured. If you have removed it, the repository connections are set in the repositories section.
- To change Maven to use your new proxy registry is easy, just add a new repository connection in your settings.xml
Go developers - using GOPROXY
Proxying from go is less straightforward versus other languages. Fundamentally this relies on updating $GOPROXY as a developer to point to your newly created go Proxy.
Helm users - add new repository
Helm users will need to change their helm repository config with the helm command to add the new repository address in place.
helm repo add <helm_repository_name> http://<host>:<port>/repository/<nexus_repository_name>/ --username <username> --password <password>
JFrog Artifactory self-hosted users
JFrog have stated that users of their self-hosted repositories that connect to GoCenter, JCenter or ChartCenter should update their remote repositories to use canonical sources. https://www.jfrog.com/confluence/display/JFROG/Repository+Management
2. Test Availability & Raise Migration tickets
Once you have connectivity set up, you should test your builds without JCenter availability by temporarily removing it from the group, This will help you to identify what components you have that are currently JCenter exclusives - and what you'll need keep cached.
From an industry perspective, as custodians of Maven Central Sonatype is investing in helping projects migrate over from Bintray as soon as possible, but we cannot guarantee all will make the cut. Should you identify as project you'll need you should reach out to them to understand what their future destination will be.
3. Finalise migration
Once all the artifacts you need have migrated over to Central and your build clears, you are sailing in smooth waters once again. With Repository in place your experience should be close to seamless. You can now finalize your transition and enjoy calm weather once more.