NOTE : The high minimum disk space requirement is because Xray recursively extracts each artifact from its parent component to ensure that it identifies all binaries down to the deepest level. So to meet the compute requirements of Xray’s deep recursive scan, we recommend the following hardware configuration for the machine on which Xray is running: JFrog Xray identifies each binary irrespective of the technology and the number of layers in which the binary is embedded. For example, a Docker image may have few “ jar ” and“ js ” files within a “ war ” file, all of which reside in a “ tar.gz ” file. This operation is compute intensive, and depending on the size and complexity of an artifact, the compute requirement varies. In this process, a component graph that includes the correlation between all indexed binaries is created. This ensures that all binaries are picked up for analysis even if they are embedded deep within a complex component structure. Xray does a deep recursive scan of artifacts to index them together with all their dependencies. Here are three ways to make the installation process smoother: Boost CPU Intensive Processes with More Compute Power ![]() However, if your company’s security policies mandate production systems to be fully isolated from the external network, you should use offline sync. Xray can also be configured to talk to these URLs via a proxy server. The connection to these URLs is required for online data sync. It listens to all incoming requests from Artifactory and external services on port 8000 and pulls in vulnerability and component data from the cloud from and dl. The central microservice is the Xray Server. There’s the Installer microservice, which when invoked, spins up five Xray internal microservices and three third-party ones (RabbitMQ, MongoDB, and Postgres). Xray is architectured as a system of nine microservices. Microservices: Great Things Come In Small Packages ![]() This post assumes you have some familiarity with Xray, so if you are new to scanning the artifacts in your Artifactory repositories, you might want to start with our first blog post about Xray to get familiar with it. Now, after several months, with the diverse experience and feedback from the many customers who installed it, we’d like to share some best practices that will help you get started with Xray. Customers were very excited about the ability to hook up their Artifactory repositories and have Xray automatically do a deep recursive scan of their artifacts to weed out issues and vulnerabilities. JFrog first released Xray in July 2016, and the response was phenomenal. For information about the current release of Xray, please see this knowledge base article. NOTE: This blog post refers to JFrog Xray v1.x.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |