Skip to content

Commit

Permalink
feat(sbom): set User-Agent header on requests to Rekor (aquasecurity#…
Browse files Browse the repository at this point in the history
…7396)

Signed-off-by: Bob Callaway <[email protected]>
  • Loading branch information
bobcallaway authored and fhielpos committed Dec 20, 2024
1 parent 805b22e commit 8f75a54
Show file tree
Hide file tree
Showing 3 changed files with 14 additions and 12 deletions.
4 changes: 2 additions & 2 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -47,8 +47,8 @@ require (
github.com/docker/go-connections v0.5.0
github.com/fatih/color v1.17.0
github.com/go-git/go-git/v5 v5.12.0
github.com/go-openapi/runtime v0.28.0
github.com/go-openapi/strfmt v0.23.0
github.com/go-openapi/runtime v0.28.0 // indirect
github.com/go-openapi/strfmt v0.23.0 // indirect
github.com/go-redis/redis/v8 v8.11.5
github.com/golang-jwt/jwt/v5 v5.2.1
github.com/google/go-containerregistry v0.20.2
Expand Down
15 changes: 5 additions & 10 deletions pkg/rekor/client.go
Original file line number Diff line number Diff line change
Expand Up @@ -2,18 +2,18 @@ package rekor

import (
"context"
"net/url"
"fmt"
"slices"

httptransport "github.com/go-openapi/runtime/client"
"github.com/go-openapi/strfmt"
pkgclient "github.com/sigstore/rekor/pkg/client"
"github.com/sigstore/rekor/pkg/generated/client"
eclient "github.com/sigstore/rekor/pkg/generated/client/entries"
"github.com/sigstore/rekor/pkg/generated/client/index"
"github.com/sigstore/rekor/pkg/generated/models"
"golang.org/x/xerrors"

"github.com/aquasecurity/trivy/pkg/log"
"github.com/aquasecurity/trivy/pkg/version/app"
)

const (
Expand Down Expand Up @@ -64,15 +64,10 @@ type Client struct {
}

func NewClient(rekorURL string) (*Client, error) {
u, err := url.Parse(rekorURL)
c, err := pkgclient.GetRekorClient(rekorURL, pkgclient.WithUserAgent(fmt.Sprintf("trivy/%s", app.Version())))
if err != nil {
return nil, xerrors.Errorf("failed to parse url: %w", err)
return nil, xerrors.Errorf("failed to create rekor client: %w", err)
}

c := client.New(
httptransport.New(u.Host, client.DefaultBasePath, []string{u.Scheme}),
strfmt.Default,
)
return &Client{Rekor: c}, nil
}

Expand Down
7 changes: 7 additions & 0 deletions pkg/rekor/client_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import (
"context"
"net/http"
"net/http/httptest"
"strings"
"testing"

"github.com/stretchr/testify/assert"
Expand Down Expand Up @@ -56,6 +57,9 @@ func TestClient_Search(t *testing.T) {
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if !strings.HasPrefix(r.UserAgent(), "trivy/") {
t.Fatalf("User-Agent header was not specified")
}
http.ServeFile(w, r, tt.mockResponseFile)
return
}))
Expand Down Expand Up @@ -148,6 +152,9 @@ func TestClient_GetEntries(t *testing.T) {
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if !strings.HasPrefix(r.UserAgent(), "trivy/") {
t.Fatalf("User-Agent header was not specified")
}
http.ServeFile(w, r, tt.mockResponseFile)
return
}))
Expand Down

0 comments on commit 8f75a54

Please sign in to comment.