elastic · kibanamachine · Dec 2, 2024 · Dec 2, 2024
@@ -17,7 +17,9 @@ export const CrowdstrikeSecretsSchema = schema.object({
   clientSecret: schema.string(),
 });
 
-export const RelaxedCrowdstrikeBaseApiResponseSchema = schema.object({}, { unknowns: 'allow' });
+export const RelaxedCrowdstrikeBaseApiResponseSchema = schema.maybe(
+  schema.object({}, { unknowns: 'allow' })
+);
 export const CrowdstrikeBaseApiResponseSchema = schema.object(
   {
     resources: schema.arrayOf(schema.any()),

@@ -16,7 +16,9 @@ export const SentinelOneSecretsSchema = schema.object({
   token: schema.string(),
 });
 
-export const SentinelOneBaseApiResponseSchema = schema.object({}, { unknowns: 'allow' });
+export const SentinelOneBaseApiResponseSchema = schema.maybe(
+  schema.object({}, { unknowns: 'allow' })
+);
 
 export const SentinelOneGetAgentsResponseSchema = schema.object(
   {

@@ -206,6 +206,11 @@ export class CrowdstrikeConnector extends SubActionConnector<
       const response = await this.request<R>(
         {
           ...req,
+          // We don't validate responses from Crowdstrike API's because we do not want failures for cases
+          // where the external system might add/remove/change values in the response that we have no
+          // control over.
+          responseSchema:
+            RelaxedCrowdstrikeBaseApiResponseSchema as unknown as SubActionRequestParams<R>['responseSchema'],
           headers: {
             ...req.headers,
             Authorization: `Bearer ${CrowdstrikeConnector.token}`,

@@ -12,7 +12,6 @@ import {
   SentinelOneGetActivitiesParams,
 } from '../../../common/sentinelone/types';
 import { API_PATH } from './sentinelone';
-import { SentinelOneGetActivitiesResponseSchema } from '../../../common/sentinelone/schema';
 import { ConnectorUsageCollector } from '@kbn/actions-plugin/server/types';
 import { loggingSystemMock } from '@kbn/core-logging-server-mocks';
 
@@ -107,7 +106,7 @@ describe('SentinelOne Connector', () => {
         params: {
           APIToken: 'token-abc',
         },
-        responseSchema: SentinelOneGetActivitiesResponseSchema,
+        responseSchema: expect.any(Object),
       });
     });
 

@@ -43,6 +43,7 @@ import {
   SentinelOneGetRemoteScriptResultsParamsSchema,
   SentinelOneDownloadRemoteScriptResultsParamsSchema,
   SentinelOneDownloadRemoteScriptResultsResponseSchema,
+  SentinelOneBaseApiResponseSchema,
 } from '../../../common/sentinelone/schema';
 import { SUB_ACTION } from '../../../common/sentinelone/constants';
 import {
@@ -400,6 +401,11 @@ export class SentinelOneConnector extends SubActionConnector<
     const response = await this.request<R>(
       {
         ...req,
+        // We don't validate responses from SentinelOne API's because we do not want failures for cases
+        // where the external system might add/remove/change values in the response that we have no
+        // control over.
+        responseSchema:
+          SentinelOneBaseApiResponseSchema as unknown as SubActionRequestParams<R>['responseSchema'],
         params: {
           ...req.params,
           APIToken: this.secrets.token,