Packs/Reco: fix validate_api_key (#27731) (#27767)

* Packs/Reco: fix validate_api_key



* update docker image

* Packs/Reco: update docs



* Packs/Reco: update docs



* Packs/Reco: update docs



---------

Signed-off-by: Gal Nakash <gal@recolabs.ai>
Co-authored-by: GalNakash-RecoLabs <71227802+GalNakash-RecoLabs@users.noreply.github.com>

Packs/Reco/Integrations/Reco/Reco.py

@@ -696,11 +696,11 @@ def validate_api_key(self) -> str:
         invalid_token_string = "Invalid token"
         try:
             response = self._http_request(
-                method="POST",
-                url_suffix="/incident-tables/tables",
+                method="GET",
+                url_suffix="/data-sources",
                 timeout=RECO_API_TIMEOUT_IN_SECONDS,
             )
-            if response.get("listTablesResponse") is None:
+            if response.get("dataSources") is None:
                 demisto.info(f"got bad response, {response}")
             else:
                 demisto.info(f"got good response, {response}")
@@ -1066,18 +1066,21 @@ def fetch_incidents(
 ) -> Tuple[Dict[str, Any], List[Dict[str, Any]]]:
     demisto.info(f"fetch-incidents called {max_fetch=}")
     next_run = {}
+    incidents = []
     last_run_time = last_run.get("lastRun", None)
     if last_run_time is not None:
         after = dateutil.parser.parse(last_run_time)
 
-    incidents_raw = reco_client.get_incidents(
-        risk_level=risk_level,
-        source=source,
-        before=before,
-        after=after,
-        limit=max_fetch,
-    )
-    incidents = parse_incidents_objects(reco_client, incidents_raw)
+    try:
+        incidents_raw = reco_client.get_incidents(risk_level=risk_level,
+                                                  source=source,
+                                                  before=before,
+                                                  after=after,
+                                                  limit=max_fetch)
+        incidents = parse_incidents_objects(reco_client, incidents_raw)
+    except Exception as e:
+        demisto.info(f"Error fetching incidents: {e}")
+
     alerts = get_alerts(reco_client, risk_level, source, before, after, max_fetch)
     alerts_as_incidents = parse_alerts_to_incidents(alerts)
     incidents.extend(alerts_as_incidents)

Packs/Reco/Integrations/Reco/Reco.yml

@@ -65,7 +65,7 @@ description: Reco is a Saas data security solution that protects your data from
 display: Reco
 name: Reco
 script:
-  dockerimage: demisto/python3:3.10.11.61265
+  dockerimage: demisto/python3:3.10.12.63474
   feed: false
   isfetch: true
   longRunning: false

Packs/Reco/Integrations/Reco/Reco_test.py

@@ -345,9 +345,9 @@ def get_mock_assets() -> List[Dict[str, Any]]:
 
 
 def test_test_module_success(requests_mock, reco_client: RecoClient) -> None:
-    mock_response = {"listTablesResponse": {"tablesMetadata": [{"name": "table1"}]}}
-    requests_mock.post(
-        f"{DUMMY_RECO_API_DNS_NAME}/incident-tables/tables", json=mock_response
+    mock_response = {"dataSources": {"tablesMetadata": [{"name": "table1"}]}}
+    requests_mock.get(
+        f"{DUMMY_RECO_API_DNS_NAME}/data-sources", json=mock_response
     )
 
     res = reco_client.validate_api_key()

Packs/Reco/ReleaseNotes/1_1_3.md

@@ -0,0 +1,8 @@
+
+#### Integrations
+
+##### Reco
+
+- Change validate api key endpoint
+- Fixed the fetch incidents to use try except for safety.
+- Updated the Docker image to: *demisto/python3:3.10.12.63474*.

Packs/Reco/pack_metadata.json

@@ -2,7 +2,7 @@
     "name": "Reco",
     "description": "Reco - detects and protects against sensitive data leakage",
     "support": "partner",
-    "currentVersion": "1.1.2",
+    "currentVersion": "1.1.3",
     "author": "Reco",
     "url": "https://reco.ai",
     "email": "support@reco.ai",