Error when creating a Report on OpenCTI Docker image GraphQL API through python client #675

Closed
AcidCaos opened this issue Jun 9, 2024 · 6 comments
Labels
needs more info use to identify issue needing additional info to be triaged or solved question use for asking information about a functionality or behavior solved use to identify issue that has been solved (must be linked to the solving PR)

Comments

@AcidCaos
AcidCaos commented Jun 9, 2024

Description

When creating a new report with the Python client opencti_client.report.create(...) method to an instance of OpenCTI Docker GraphQL API, the following error occurs:
Field "x_opencti_reliability" is not defined by type "ReportAddInput". Did you mean "x_opencti_stix_ids"?

Same Docker image version and Python library are being used: 6.1.10 .

Environment

  1. OS (where OpenCTI server runs): Docker on Debian 6
  2. OpenCTI version: Docker (opencti/platform:6.1.10)
  3. OpenCTI client: Python (pycti==6.1.10)
  4. Other environment details: Python 3.11 client, Docker OpenCTI.

Reproducible Steps

Steps to create the smallest reproducible scenario:

  1. Deploy docker image: opencti/platform:6.1.10
  2. On python run with pycti==6.1.10 :
     import datetime

     # opencti_client is an already configured pycti client instance
     opencti_client.report.create(
         name="Title",
         description="Description",
         published=datetime.datetime.now().strftime("%Y-%m-%dT%H:%M:%S+00:00"),
         report_types=["internal-report"],
     )
  3. ValueError raised: Variable "$input" got invalid value { ... }; Field "x_opencti_reliability" is not defined by type "ReportAddInput". Did you mean "x_opencti_stix_ids"?

Additional information

The problem seems to be on the Docker image, since both Python library (version 6.1.10) and OpenCTI platform (version 6.1.10) contain this field:

Python lib: https://github.com/OpenCTI-Platform/client-python/blob/master/pycti/entities/opencti_report.py#L706
OpenCTI: https://github.com/OpenCTI-Platform/opencti/blob/master/opencti-platform/opencti-front/src/private/components/analyses/reports/ReportCreation.tsx#L74

The exact same problem occurs with field x_opencti_workflow_id.

Removing the related lines for fields x_opencti_reliability and x_opencti_workflow_id on the python library entities/opencti_report.py file solves the issue, but that seems a hacky way to fix it.

Full error message

ValueError: {
'name': 'Variable "$input" got invalid value { stix_id: null, createdBy: null, objectMarking: null, objectLabel: null, objectOrganization: null, objects: null, externalReferences: null, revoked: null, confidence: null, lang: null, created: null, modified: null, name: "Title", description: "Description", content: null, report_types: ["internal-report"], published: "2024-06-09T20:00:00+00:00", x_opencti_reliability: null, x_opencti_stix_ids: null, x_opencti_workflow_id: null, update: false }; Field "x_opencti_reliability" is not defined by type "ReportAddInput". Did you mean "x_opencti_stix_ids"?',
'error_message': 'Variable "$input" got invalid value { stix_id: null, createdBy: null, objectMarking: null, objectLabel: null, objectOrganization: null, objects: null, externalReferences: null, revoked: null, confidence: null, lang: null, created: null, modified: null, name: "Title", description: "Description", content: null, report_types: ["internal-report"], published: "2024-06-09T21:26:40+00:00", x_opencti_reliability: null, x_opencti_stix_ids: null, x_opencti_workflow_id: null, update: false }; Field "x_opencti_reliability" is not defined by type "ReportAddInput". Did you mean "x_opencti_stix_ids"?'
}
@AcidCaos AcidCaos added bug use for describing something not working as expected needs triage use to identify issue needing triage from Filigran Product team labels Jun 9, 2024
@Kedae
Member

Kedae commented Jun 10, 2024

Hi @AcidCaos,

This is really strange. Can you please double-check your OpenCTI and its version? I've just checked in the code and the ReportAddInput does have both x_opencti_reliability and x_opencti_workflow_id (as you can see here https://github.com/OpenCTI-Platform/opencti/blob/b04dc34b08340933c1606bdf158e4ea105c51255/opencti-platform/opencti-graphql/config/schema/opencti.graphql#L3597)

@Kedae Kedae added needs more info use to identify issue needing additional info to be triaged or solved and removed needs triage use to identify issue needing triage from Filigran Product team labels Jun 10, 2024
@romain-filigran romain-filigran transferred this issue from OpenCTI-Platform/opencti Jun 10, 2024
@AcidCaos
Author

Sure!

On my docker-compose, the following image is being used: opencti/platform:6.1.10 for platform and opencti/worker:6.1.10 for workers. I've already completely removed them (down + removing persistent data) and upped them, same problem occurs.

On the UI, admin user profile page shows:
API access
OPENCTI VERSION 6.1.10

pycti is also on version 6.1.10 (but that should not be the issue anyway).

As you said, it's really strange. It seems a problem on the Docker image building.

@Kedae
Member

Kedae commented Jun 10, 2024

I've just tried pulling the Docker image and getting it started, and I have no issue on my side.
Can you try accessing /graphql (if you have playground enabled) on your OCTI URL and try the following?

mutation ReportAdd {
  reportAdd(input: {
    x_opencti_reliability: ""
    name: "Test"
    published: "2024-06-05T00:00:00z"
  }){
    id
  }
}

@AcidCaos
Author

That is working properly. Returned a successful report added:

{
  "data": {
    "reportAdd": {
      "id": "7482a7f3-f7c0-40c1-b301-f168797e18e7"
    }
  }
}

The report can be seen in OpenCTI UI too.

@Kedae
Member

Kedae commented Jun 10, 2024

OK, so the issue is not coming from your OCTI platform. Can you check the URL, tokens, and access from your different conf?

@AcidCaos
Author

Issue identified. The problem was due to a collision of DNS records between the docker-compose generated "opencti" name and the local DNS, which resulted in the wrong opencti being resolved. That OpenCTI is an old version and hence the error.

Thanks for the help @Kedae!

@Kedae Kedae added solved use to identify issue that has been solved (must be linked to the solving PR) question use for asking information about a functionality or behavior and removed bug use for describing something not working as expected labels Jun 10, 2024
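
The root cause found in this thread, a hostname resolving to a different and older OpenCTI instance, can be caught before any report is created. The preflight check below is an added example, not part of the original thread or of pycti; `preflight`, `expected_cidr` and the use of the `about { version }` GraphQL query are assumptions about the deployment and schema.

```python
import ipaddress
import json
import socket
import urllib.request
from urllib.parse import urlparse


def resolve_host(host, port):
    """Return the sorted set of IP addresses the local resolver gives for host."""
    infos = socket.getaddrinfo(host, port, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})


def fetch_platform_version(url, token):
    """Ask the platform for its version (assumes the `about { version }` query)."""
    body = json.dumps({"query": "query { about { version } }"}).encode()
    req = urllib.request.Request(
        url.rstrip("/") + "/graphql",
        data=body,
        headers={"Content-Type": "application/json",
                 "Authorization": "Bearer " + token},
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)["data"]["about"]["version"]


def preflight(url, token, client_version, expected_cidr=None,
              resolve=resolve_host, fetch=fetch_platform_version):
    """Return a list of problems; an empty list means the endpoint looks right."""
    parsed = urlparse(url)
    port = parsed.port or (443 if parsed.scheme == "https" else 80)
    problems = []
    # 1. Which host does the name actually resolve to from this machine?
    addresses = resolve(parsed.hostname, port)
    if expected_cidr is not None:
        net = ipaddress.ip_network(expected_cidr)
        for addr in addresses:
            if ipaddress.ip_address(addr) not in net:
                problems.append(
                    f"{parsed.hostname} resolves to {addr}, outside {net}")
    # 2. Does the platform behind that name match the client library version?
    server_version = fetch(url, token)
    if server_version != client_version:
        problems.append(
            f"platform reports {server_version}, client is {client_version}")
    return problems
```

Pass the docker-compose network range as `expected_cidr` and the installed pycti version as `client_version`; a non-empty result means the client is about to talk to a different platform than the one deployed.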