Venafi / vcert

Go client SDK and command line utility designed to simplify integrations by automating key generation and certificate enrollment using Venafi machine identity services.
https://support.venafi.com/hc/en-us/articles/217991528
Apache License 2.0

Set the User-Agent HTTP header in requests to Venafi API server #437

Closed wallrj closed 5 months ago

wallrj commented 5 months ago

BUSINESS PROBLEM

As an administrator of a Venafi TPP server or of a Venafi Cloud tenant, I want to know which software is being used to connect to the REST API.

Right now the vcert CLI and any software that uses the vcert SDK will use the default Go HTTP client User-Agent header: Go-http-client/1.1, and the requests will be indistinguishable.

For example, if the TPP API server is being overwhelmed by rapid repeated requests, I would like to be able to look at the IIS server logs and see from the User-Agent of the offending requests that the requests may be being generated by a vcert command because I see User-Agent: vcert/vX.Y.Z.

As a maintainer of the cert-manager Venafi Issuer, I want to be able to use the vcert SDK and configure it to send User-Agent: cert-manager/vX.Y.Z so that the administrator of a Venafi TPP server or Venafi Cloud service can know which software is being used to connect to the REST API. Why? Because if there is a bug in the cert-manager Venafi issuer, which causes it to not back off in the event of a failed API request, the Venafi server administrator can quickly know that cert-manager is the culprit and quickly report the bug so that it can be quickly fixed.

PROPOSED SOLUTION

Add a default User-Agent HTTP header to the Vcert client. Allow the User-Agent to be easily overridden by software that imports the Vcert SDK.

CURRENT ALTERNATIVES

To change the User-Agent of vcert CLI requires modification of the source code and recompilation.

To change the User-Agent when importing the vcert SDK requires supplying a custom http.Client with a RoundTripper wrapped transport:

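
The RoundTripper workaround described in the issue above, as an added example that is not part of the original issue or the vcert code base. The names userAgentTransport, NewIdentifiedClient and roundTripperFunc and the example.invalid URL are assumptions, and a stub transport stands in for the network so the block runs offline.

```go
package main

import (
	"fmt"
	"net/http"
)

// userAgentTransport is a hypothetical wrapper (not a vcert type) that stamps
// a fixed User-Agent on every request before delegating to base.
type userAgentTransport struct {
	base      http.RoundTripper
	userAgent string
}

// RoundTrip works on a clone because the http.RoundTripper contract forbids
// modifying the caller's request.
func (t *userAgentTransport) RoundTrip(req *http.Request) (*http.Response, error) {
	clone := req.Clone(req.Context())
	clone.Header.Set("User-Agent", t.userAgent)
	return t.base.RoundTrip(clone)
}

// NewIdentifiedClient returns an http.Client whose requests carry userAgent.
// A nil base falls back to http.DefaultTransport.
func NewIdentifiedClient(userAgent string, base http.RoundTripper) *http.Client {
	if base == nil {
		base = http.DefaultTransport
	}
	return &http.Client{Transport: &userAgentTransport{base: base, userAgent: userAgent}}
}

// roundTripperFunc adapts a plain function to http.RoundTripper (stub helper).
type roundTripperFunc func(*http.Request) (*http.Response, error)

func (f roundTripperFunc) RoundTrip(r *http.Request) (*http.Response, error) { return f(r) }

func main() {
	// Constructed stub in place of the API server: prints the header it would log.
	stub := roundTripperFunc(func(r *http.Request) (*http.Response, error) {
		fmt.Println("server sees User-Agent:", r.Header.Get("User-Agent"))
		return &http.Response{StatusCode: http.StatusOK, Header: http.Header{}, Body: http.NoBody}, nil
	})
	resp, err := NewIdentifiedClient("cert-manager/vX.Y.Z", stub).Get("https://api.example.invalid/")
	if err != nil {
		panic(err)
	}
	resp.Body.Close()
}
```

The header is asserted by the client, so in server logs it is a triage hint for finding misbehaving software, not proof of which client sent the request.
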
BeardedPrincess commented 5 months ago

@wallrj I think this is a valuable change for the reasons you have listed. It would also be useful to be able to identify clients and applications that are using a potentially old version of the SDK.

Do you anticipate that you will be able to submit a PR for these?