If you are working in an offline mode, you need to manually sync the database to download components data and enable Operational Risk detection.
Do the following:
In the Administration module, go to Xray Security and Compliance and select Database Sync.
Select the Offline sync mode and click Generate Download Command.
A command is generated similar to this:
jfrog xr offline-update --license-id=<LICENSE_ID> --version=<XRAY_VERSION>
If the command includesFromandToparameters, remove them so the command looks like the example above.
Copy the command and run it in the CLI.
The CLI will download 2 files: comp_0.zip and vuln_0.zip
Unzip the components file, for example, comp_{NUMBER}.zip. It contains additional zip files such as:
2022-03-22__onboardingf__comp2801_2803__.zip
Place the extracted components zip files under the following folder in Xray server.
${XRAY_HOME}/var/work/server/updates/data_migration/public_comps_operational_risk_files/
Trigger the components operational risk persistence migration:
[post] <XRAY_URL>/api/v1/migration/trigger/public_comps_operational_risk Content-Type : application/json
Use the migration values REST API to monitor the operational risk migration process. To learn more about running Xray commands, see Xray REST API.
Once the migration is completed, the migration status will be set to finished. In case of any other status that contains failure information, check the logs and or contact JFrog's customer support.
[GET] <XRAY_URL>/api/v1/migration/data/value?key=public_comps_operational_risk
Sample Response:
{ "key": "public_comps_operational_risk", "value": "finished" }