Breadcrumbs

How to Force a Resource Vulnerability Index Sync for On-Premise Environments

Summary

To properly maintain the Mend On-Premise offering, the Resource Vulnerability Index (RVI) needs to be synced with the Mend Index on a daily basis. By default, an RVI sync is set to occur once a day. This ensures that your project inventories consistently have the most up-to-date information for vulnerabilities.

You will want force a re-sync with the Mend index in the following cases:

  • False positives are reported to the Mend security team and the fix hasn’t been updated in your database. Example: When a CVE is reported against library versions where the “Top Fix” to the vulnerability is to upgrade to the current version that already exists in the inventory report.

  • Vulnerabilities are not being displayed for newly scanned products/projects.

Instructions

  1. Locate the settings in the prop.json file and change them accordingly: 

    		{
			"propertyName": "rviTakeBatchSize",
			"enabled": true,
			"hidden": true,
			"propertyValue": "50",
			"propertyPaths": [
				"/usr/local/whitesource/conf/wss.properties"
			],
			"propertyDoc": "Rvi Take Batch Size",
			"javaClass": "java.lang.Integer",
			"group": "Other"
		},
		{
			"propertyName": "rviSyncReadTimeout",
			"enabled": true,
			"hidden": true,
			"propertyValue": "420000",
			"propertyPaths": [
				"/usr/local/whitesource/conf/wss.properties"
			],
			"propertyDoc": "Rvi Sync Read Timeout",
			"javaClass": "java.lang.Integer",
			"group": "RVI"
		},



    		{
			"propertyName": "schedulerSyncWithRviDatabaseCronPattern",
			"propertyLabel": "Sync With RVI Database Task Scheduler Cron Pattern",
			"enabled": true,
			"hidden": true,
			"propertyValue": "0 */5 * * * *",
			"group": "Scheduled Tasks Cron Pattern"
		},

  2. You can check connectivity to your index by sending a request to the following URL (with a browser or command line utility):

    https://index.whitesourcesoftware.com/gri/app/check/ok

    The expected results are: HTTP Status Code: 200 OK

  3. After following these steps, please reboot the docker container so that the updated settings can be applied to the On-Premises server.

  4. Logs can be obtained from the docker container log.

Note: This will effectively force the RVI sync to run every 5 minutes, which will make your sync run within 5 minutes or less of re-starting the docker container.