Skip to content

Commit

Permalink
feat(sbom): set User-Agent header on requests to Rekor (#7396)
Browse files Browse the repository at this point in the history
Signed-off-by: Bob Callaway <bcallaway@google.com>
  • Loading branch information
bobcallaway authored Sep 3, 2024
1 parent 1a6295c commit af1d257
Show file tree
Hide file tree
Showing 3 changed files with 14 additions and 12 deletions.
4 changes: 2 additions & 2 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -47,8 +47,8 @@ require (
github.com/docker/go-connections v0.5.0
github.com/fatih/color v1.17.0
github.com/go-git/go-git/v5 v5.12.0
github.com/go-openapi/runtime v0.28.0
github.com/go-openapi/strfmt v0.23.0
github.com/go-openapi/runtime v0.28.0 // indirect
github.com/go-openapi/strfmt v0.23.0 // indirect
github.com/go-redis/redis/v8 v8.11.5
github.com/golang-jwt/jwt/v5 v5.2.1
github.com/google/go-containerregistry v0.20.2
Expand Down
15 changes: 5 additions & 10 deletions pkg/rekor/client.go
Original file line number Diff line number Diff line change
Expand Up @@ -2,18 +2,18 @@ package rekor

import (
"context"
"net/url"
"fmt"
"slices"

httptransport "github.com/go-openapi/runtime/client"
"github.com/go-openapi/strfmt"
pkgclient "github.com/sigstore/rekor/pkg/client"
"github.com/sigstore/rekor/pkg/generated/client"
eclient "github.com/sigstore/rekor/pkg/generated/client/entries"
"github.com/sigstore/rekor/pkg/generated/client/index"
"github.com/sigstore/rekor/pkg/generated/models"
"golang.org/x/xerrors"

"github.com/aquasecurity/trivy/pkg/log"
"github.com/aquasecurity/trivy/pkg/version/app"
)

const (
Expand Down Expand Up @@ -64,15 +64,10 @@ type Client struct {
}

func NewClient(rekorURL string) (*Client, error) {
u, err := url.Parse(rekorURL)
c, err := pkgclient.GetRekorClient(rekorURL, pkgclient.WithUserAgent(fmt.Sprintf("trivy/%s", app.Version())))
if err != nil {
return nil, xerrors.Errorf("failed to parse url: %w", err)
return nil, xerrors.Errorf("failed to create rekor client: %w", err)
}

c := client.New(
httptransport.New(u.Host, client.DefaultBasePath, []string{u.Scheme}),
strfmt.Default,
)
return &Client{Rekor: c}, nil
}

Expand Down
7 changes: 7 additions & 0 deletions pkg/rekor/client_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import (
"context"
"net/http"
"net/http/httptest"
"strings"
"testing"

"github.com/stretchr/testify/assert"
Expand Down Expand Up @@ -56,6 +57,9 @@ func TestClient_Search(t *testing.T) {
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if !strings.HasPrefix(r.UserAgent(), "trivy/") {
t.Fatalf("User-Agent header was not specified")
}
http.ServeFile(w, r, tt.mockResponseFile)
return
}))
Expand Down Expand Up @@ -148,6 +152,9 @@ func TestClient_GetEntries(t *testing.T) {
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if !strings.HasPrefix(r.UserAgent(), "trivy/") {
t.Fatalf("User-Agent header was not specified")
}
http.ServeFile(w, r, tt.mockResponseFile)
return
}))
Expand Down

0 comments on commit af1d257

Please sign in to comment.