content icon indicating copy to clipboard operation
content copied to clipboard
verified publisher icon demisto

Mirroring xsoar bug

Open almog2296 opened this issue 1 month ago • 3 comments

Status

  • [x] In Progress
  • [ ] Ready
  • [ ] In Hold - (Reason for hold)

Related Issues

fixes: link to the issue fixes: link to the issue

Description

  • Removing assigned_user_pretty_name from xdr-update-incident and from mirroring request to align with the update_incident API.
  • Fixed the TPB Test Playbook – Cortex XDR Malware – Incident Enrichment. It previously used a constant incident ID that no longer exists. Updated it to use an existing incident instead of a hard-coded one.
  • Temporary fix for the TPB Test XDR Playbook – General Commands: bypassed !xdr-get-endpoint-device-control-violations since the Build XDR tenant no longer has violations due to retention. The command is skipped until the Lab adds new data. A separate ticket was opened to handle this link to issue.

almog2296 avatar Nov 27 '25 15:11 almog2296

Coverage

Coverage Report
FileStmtsMissCoverMissing
Packs/CortexXDR/Integrations/CortexXDRIR
   CortexXDRIR.py7109087%56, 64, 68–70, 141–142, 225–229, 231, 233, 236, 241, 268–272, 274, 281–284, 303, 306, 312, 315, 348–352, 354, 362, 364, 366–369, 372–376, 378, 467–470, 472, 590, 637–638, 657, 667, 732, 735, 768, 775, 777, 841–842, 844, 895, 976, 1097–1098, 1101, 1151–1152, 1173, 1214–1217, 1271, 1288–1290, 1295, 1300, 1328–1331, 1363, 1379
TOTAL7109087% 

Tests Skipped Failures Errors Time
115 0 :zzz: 0 :x: 0 :fire: 17.334s :stopwatch:

github-actions[bot] avatar Nov 27 '25 15:11 github-actions[bot]

Validate summary The following errors were thrown as a part of this pr: BC104. The following errors cannot be ignored: BC104. If the AG100 validation in the pre-commit GitHub Action fails, the pull request cannot be force-merged. The following errors don't run as part of the nightly flow and therefore can be force merged: BC104.

Verdict: PR can be force merged from validate perspective? ✅

content-bot avatar Dec 01 '25 12:12 content-bot

@almog2296 docs approved

talihaff avatar Dec 01 '25 13:12 talihaff

Force merge required due to breaking changes. The argument assigned_user_pretty_name has been removed from the xdr-update-incident command, since it is no longer supported by the API (caused mirroring failure). Secret Failed due to failure in the secret detection. Manually checked.

almog2296 avatar Dec 02 '25 08:12 almog2296