sync
Active license requiredDescriptionโ
Re-scans existing package versions in the store to synchronize them with the updated configuration or with the latest rl-secure release.
We recommend running the sync command after every rl-secure update or major configuration change (including modifying policy configuration files).
If a new update is available and you haven't previously installed it, the self-update feature will automatically install the latest rl-secure the next time you run the sync command.
Using the sync command does not count towards the monthly analysis capacity.
To estimate the performance impact of synchronization, run the sync command with the --check-only option.
This executes the command in "dry-run" or simulation mode where it won't synchronize anything.
This is a safe way to check which package versions may require synchronization.
If the number of packages that require rescanning appears substantial, consider performing synchronization outside of business hours. Scheduling a maintenance window for this operation can reduce the system load and lessen the impact on CI/CD system integrations.
The --vault-key option is required when the password vault is active for your package store and when any of your projects contain password-protected files.
Without the vault key, the sync cannot be initiated and an error occurs.
If the sync command fails to analyze your software packages, make sure to run rl-secure clean after resolving the issue, and then attempt synchronization again.
While sync is typically used to rescan the entire package store, you can also use it selectively.
Use the package URL to specify a project/package name combination, and the command will check and synchronize matching package versions.
Usageโ
rl-secure sync <purl> [<options>]
Optionsโ
| Option | Description |
|---|---|
| -p, --purl | Package URL to synchronize (rescan with an updated configuration or engine), in the format [pkg:type/]<project></package><@version>. If omitted, all packages in the package store are synchronized. |
| --work-dir | Specify the path to a work directory for temporary files. If not specified, it is created in the package store root. |
| --concurrency ย | Specify the number of concurrent scan threads to use when running multiple scanner instances at the same time. When specified, this parameter limits performance per scanner instance to balance their load. Default value: max |
| --check-only | Use dry-run mode and only display versions that would be synced, without actually syncing. |
| --force | Reprocess all matching packages unconditionally. |
| --no-tracking | Don't display progress bars. |
| --vault-key | Provide the password vault key. Required if password vault is active for your package store. Note that this value is case-sensitive and can be changed at any time. |
| -h, --help | Display usage information and exit. |
| -s, --rl-store | Path to an initialized package store containing the package URL. If you don't specify the path, the current directory is used. |
Examplesโ
Synchronize the whole package storeโ
This example synchronizes all package versions in the package store that require reprocessing.
Package versions are considered out-of-sync when there are rl-secure updates and configuration changes.
When the package store has a password vault, you need to provide the vault key with the --vault-key option to reprocess the password-protected files.
The command expects the package store to exist in the current directory.
Use the -s or --rl-store options to provide an alternative path to the package store.
- Input
- Output
rl-secure sync --vault-key SECRETKEY
Estimated time to complete: 00:00:05
Preparing ...
Software my-project/my-package@1.0.1
Scanning [==================================================] 100% [00m:00s] 363/363 files
Merging [==================================================] 100% [00m:00s] 363/363 files
Software test-project/test-build@0.1-1
Scanning [==================================================] 100% [00m:00s] 12/12 files
Merging [==================================================] 100% [00m:00s] 12/12 files
Sync finished!
Synchronize a specific projectโ
This example synchronizes all versions in a project that require reprocessing.
Packages are considered out-of-sync when there are rl-secure updates and configuration changes.
If the project contains password-protected packages, you need to provide the package store vault key with the --vault-key option for rl-secure to reprocess them.
The command expects the package store to exist in the current directory.
Use the -s or --rl-store options to provide an alternative path to the package store.
- Simplified input
- Extended input
- Output
rl-secure sync pkg:rl/my-project --vault-key SECRETKEY
rl-secure sync --purl=pkg:rl/my-project --rl-store=/home/armando/my-repository/ --vault-key SECRETKEY
Estimated time to complete: 00:00:20
Preparing ...
Software my-project/my-package@1.0.1
Scanning [==================================================] 100% [00m:00s] 363/363 files
Merging [==================================================] 100% [00m:00s] 363/363 files
Software my-project/my-package@1.0.2
Scanning [==================================================] 100% [00m:00s] 371/371 files
Merging [==================================================] 100% [00m:00s] 371/371 files
Sync finished!