From de1004094c3c59f7ad66e9e8b0b1ad55e5e970b7 Mon Sep 17 00:00:00 2001
From: Bob Callaway <bcallaway@google.com>
Date: Mon, 26 Aug 2024 17:15:36 -0400
Subject: [PATCH 1/2] set User-Agent header on requests to Rekor

Signed-off-by: Bob Callaway <bcallaway@google.com>
---
 pkg/rekor/client.go      | 15 +++++----------
 pkg/rekor/client_test.go |  7 +++++++
 2 files changed, 12 insertions(+), 10 deletions(-)

diff --git a/pkg/rekor/client.go b/pkg/rekor/client.go
index d748166d6d7f..c6390f9679db 100644
--- a/pkg/rekor/client.go
+++ b/pkg/rekor/client.go
@@ -2,11 +2,10 @@ package rekor
 
 import (
 	"context"
-	"net/url"
+	"fmt"
 	"slices"
 
-	httptransport "github.com/go-openapi/runtime/client"
-	"github.com/go-openapi/strfmt"
+	pkgclient "github.com/sigstore/rekor/pkg/client"
 	"github.com/sigstore/rekor/pkg/generated/client"
 	eclient "github.com/sigstore/rekor/pkg/generated/client/entries"
 	"github.com/sigstore/rekor/pkg/generated/client/index"
@@ -14,6 +13,7 @@ import (
 	"golang.org/x/xerrors"
 
 	"github.com/aquasecurity/trivy/pkg/log"
+	"github.com/aquasecurity/trivy/pkg/version/app"
 )
 
 const (
@@ -64,15 +64,10 @@ type Client struct {
 }
 
 func NewClient(rekorURL string) (*Client, error) {
-	u, err := url.Parse(rekorURL)
+	c, err := pkgclient.GetRekorClient(rekorURL, pkgclient.WithUserAgent(fmt.Sprintf("trivy/%s", app.Version())))
 	if err != nil {
-		return nil, xerrors.Errorf("failed to parse url: %w", err)
+		return nil, xerrors.Errorf("failed to create rekor client: %w", err)
 	}
-
-	c := client.New(
-		httptransport.New(u.Host, client.DefaultBasePath, []string{u.Scheme}),
-		strfmt.Default,
-	)
 	return &Client{Rekor: c}, nil
 }
 
diff --git a/pkg/rekor/client_test.go b/pkg/rekor/client_test.go
index 9ea48d657cc5..f9390122fbf0 100644
--- a/pkg/rekor/client_test.go
+++ b/pkg/rekor/client_test.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"net/http"
 	"net/http/httptest"
+	"strings"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
@@ -56,6 +57,9 @@ func TestClient_Search(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+				if !strings.HasPrefix(r.UserAgent(), "trivy/") {
+					t.Fatalf("User-Agent header was not specified")
+				}
 				http.ServeFile(w, r, tt.mockResponseFile)
 				return
 			}))
@@ -148,6 +152,9 @@ func TestClient_GetEntries(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+				if !strings.HasPrefix(r.UserAgent(), "trivy/") {
+					t.Fatalf("User-Agent header was not specified")
+				}
 				http.ServeFile(w, r, tt.mockResponseFile)
 				return
 			}))

From 1d6613e7259a73099897229ecaaa3591c596dc28 Mon Sep 17 00:00:00 2001
From: Bob Callaway <bcallaway@google.com>
Date: Mon, 26 Aug 2024 22:03:14 -0400
Subject: [PATCH 2/2] go mod tidy

Signed-off-by: Bob Callaway <bcallaway@google.com>
---
 go.mod | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/go.mod b/go.mod
index 230470d8f12c..e6bca25071ea 100644
--- a/go.mod
+++ b/go.mod
@@ -47,8 +47,8 @@ require (
 	github.com/docker/go-connections v0.5.0
 	github.com/fatih/color v1.17.0
 	github.com/go-git/go-git/v5 v5.12.0
-	github.com/go-openapi/runtime v0.28.0
-	github.com/go-openapi/strfmt v0.23.0
+	github.com/go-openapi/runtime v0.28.0 // indirect
+	github.com/go-openapi/strfmt v0.23.0 // indirect
 	github.com/go-redis/redis/v8 v8.11.5
 	github.com/golang-jwt/jwt/v5 v5.2.1
 	github.com/google/go-containerregistry v0.20.2