Details

How does Xray Online and Offline DB sync works?
AuthorFullName__c
Nimer Bsoul
articleNumber
000004344
ft:sourceType
Salesforce
FirstPublishedDate
2018-11-15T15:42:54Z
lastModifiedDate
2024-03-10T07:49:11Z
VersionNumber
8

 

The Xray online DB sync runs once a day as a background job. It is recommended to manually initiate DB sync right after the system installation.
Sync for the first time will download all vulnerabilities and components from JXray.
Online sync keeps the state of the downloaded content, hence if the sync went wrong for some reason, the next sync will be resumed from the last point it stopped.

Abort operation, on the other hand, resets the state, and the next db sync will act as a full DB sync once again.
DB Sync consists of 2 parts:

  1. Downloading and saving the data from JXray

  2. Running impact analysis on the saved data - occurs in parallel with the downloads.
    The percentages in the UI will display the download progress, however, will not display the impact analysis progress - impact analysis can still go on after the download has finished.

Offline db sync is a manual process. Since we don’t have access to JXray, we bring the compressed db sync files from JXray using JFrog CLI, then these files should be placed in Xray local updates folder. Once done, you may run the upload command from Xray UI / REST API to upload the files to the Xray DB.