fix: close method for conections that need closing

pkg/controllers/externalsecret/externalsecret_controller.go

@@ -250,6 +250,11 @@ func (r *Reconciler) getProviderSecretData(ctx context.Context, providerClient p
 		providerData[secretRef.SecretKey] = secretData
 	}
 
+	err := providerClient.Close()
+	if err != nil {
+		return nil, fmt.Errorf("error closing the connection: %w", err)
+	}
+
 	return providerData, nil
 }
 

pkg/provider/aws/parameterstore/parameterstore.go

@@ -89,3 +89,7 @@ func (pm *ParameterStore) GetSecretMap(ctx context.Context, ref esv1alpha1.Exter
 	}
 	return secretData, nil
 }
+
+func (pm *ParameterStore) Close() error {
+	return nil
+}

pkg/provider/aws/secretsmanager/secretsmanager.go

@@ -102,3 +102,7 @@ func (sm *SecretsManager) GetSecretMap(ctx context.Context, ref esv1alpha1.Exter
 	}
 	return secretData, nil
 }
+
+func (sm *SecretsManager) Close() error {
+	return nil
+}

pkg/provider/azure/keyvault/keyvault.go

@@ -225,3 +225,7 @@ func (a *Azure) secretKeyRef(ctx context.Context, namespace string, secretRef sm
 	value := strings.TrimSpace(string(keyBytes))
 	return value, nil
 }
+
+func (a *Azure) Close() error {
+	return nil
+}

pkg/provider/fake/fake.go

@@ -74,6 +74,9 @@ func (v *Client) WithGetSecret(secData []byte, err error) *Client {
 func (v *Client) GetSecretMap(ctx context.Context, ref esv1alpha1.ExternalSecretDataRemoteRef) (map[string][]byte, error) {
 	return v.GetSecretMapFn(ctx, ref)
 }
+func (v *Client) Close() error {
+	return nil
+}
 
 // WithGetSecretMap wraps the secret data map returned by this fake provider.
 func (v *Client) WithGetSecretMap(secData map[string][]byte, err error) *Client {

pkg/provider/gcp/secretmanager/secretsmanager.go

@@ -39,6 +39,7 @@ const (
 
 	errGCPSMStore                             = "received invalid GCPSM SecretStore resource"
 	errGCPSMCredSecretName                    = "invalid GCPSM SecretStore resource: missing GCP Secret Access Key"
+	errClientClose                            = "unable to close SecretManager client: %w"
 	errInvalidClusterStoreMissingSAKNamespace = "invalid ClusterSecretStore: missing GCP SecretAccessKey Namespace"
 	errFetchSAKSecret                         = "could not fetch SecretAccessKey secret: %w"
 	errMissingSAK                             = "missing SecretAccessKey"
@@ -195,6 +196,14 @@ func (sm *ProviderGCP) GetSecretMap(ctx context.Context, ref esv1alpha1.External
 	return secretData, nil
 }
 
+func (sm *ProviderGCP) Close() error {
+	err := sm.SecretManagerClient.Close()
+	if err != nil {
+		return fmt.Errorf(errClientClose, err)
+	}
+	return nil
+}
+
 func init() {
 	schema.Register(&ProviderGCP{}, &esv1alpha1.SecretStoreProvider{
 		GCPSM: &esv1alpha1.GCPSMProvider{},

pkg/provider/provider.go

@@ -35,4 +35,5 @@ type SecretsClient interface {
 
 	// GetSecretMap returns multiple k/v pairs from the provider
 	GetSecretMap(ctx context.Context, ref esv1alpha1.ExternalSecretDataRemoteRef) (map[string][]byte, error)
+	Close() error
 }

pkg/provider/schema/schema_test.go

@@ -41,6 +41,10 @@ func (p *PP) GetSecretMap(ctx context.Context, ref esv1alpha1.ExternalSecretData
 	return map[string][]byte{}, nil
 }
 
+func (p *PP) Close() error {
+	return nil
+}
+
 // TestRegister tests if the Register function
 // (1) panics if it tries to register something invalid
 // (2) stores the correct provider.

pkg/provider/vault/vault.go

@@ -149,6 +149,10 @@ func (v *client) GetSecretMap(ctx context.Context, ref esv1alpha1.ExternalSecret
 	return v.readSecret(ctx, ref.Key, ref.Version)
 }
 
+func (v *client) Close() error {
+	return nil
+}
+
 func (v *client) readSecret(ctx context.Context, path, version string) (map[string][]byte, error) {
 	kvPath := v.store.Path