renanaAkeyless 4 years ago
parent
commit
0348bbb59d

+ 1 - 1
apis/externalsecrets/v1alpha1/secretstore_akeyless_types.go

@@ -33,7 +33,7 @@ type AkeylessAuth struct {
 }
 
 // AkeylessAuthSecretRef
-//AKEYLESS_ACCESS_TYPE_PARAM: AZURE_OBJ_ID OR GCP_AUDIENCE OR ACCESS_KEY OR KUB_CONFIG_NAME
+//AKEYLESS_ACCESS_TYPE_PARAM: AZURE_OBJ_ID OR GCP_AUDIENCE OR ACCESS_KEY OR KUB_CONFIG_NAME.
 type AkeylessAuthSecretRef struct {
 	// The SecretAccessID is used for authentication
 	AccessID        esmeta.SecretKeySelector `json:"accessID,omitempty"`

+ 1 - 0
apis/externalsecrets/v1alpha1/zz_generated.deepcopy.go

@@ -1,3 +1,4 @@
+//go:build !ignore_autogenerated
 // +build !ignore_autogenerated
 
 /*

+ 1 - 0
apis/meta/v1/zz_generated.deepcopy.go

@@ -1,3 +1,4 @@
+//go:build !ignore_autogenerated
 // +build !ignore_autogenerated
 
 /*

+ 1 - 1
deploy/crds/external-secrets.io_clustersecretstores.yaml

@@ -68,7 +68,7 @@ spec:
                         properties:
                           secretRef:
                             description: 'AkeylessAuthSecretRef AKEYLESS_ACCESS_TYPE_PARAM:
-                              AZURE_OBJ_ID OR GCP_AUDIENCE OR ACCESS_KEY OR KUB_CONFIG_NAME'
+                              AZURE_OBJ_ID OR GCP_AUDIENCE OR ACCESS_KEY OR KUB_CONFIG_NAME.'
                             properties:
                               accessID:
                                 description: The SecretAccessID is used for authentication

+ 1 - 1
deploy/crds/external-secrets.io_secretstores.yaml

@@ -68,7 +68,7 @@ spec:
                         properties:
                           secretRef:
                             description: 'AkeylessAuthSecretRef AKEYLESS_ACCESS_TYPE_PARAM:
-                              AZURE_OBJ_ID OR GCP_AUDIENCE OR ACCESS_KEY OR KUB_CONFIG_NAME'
+                              AZURE_OBJ_ID OR GCP_AUDIENCE OR ACCESS_KEY OR KUB_CONFIG_NAME.'
                             properties:
                               accessID:
                                 description: The SecretAccessID is used for authentication

+ 22 - 24
e2e/suite/akeyless/provider.go

@@ -23,6 +23,11 @@ import (
 	"os"
 	"strings"
 
+	aws_cloud_id "github.com/akeylesslabs/akeyless-go-cloud-id/cloudprovider/aws"
+	azure_cloud_id "github.com/akeylesslabs/akeyless-go-cloud-id/cloudprovider/azure"
+	gcp_cloud_id "github.com/akeylesslabs/akeyless-go-cloud-id/cloudprovider/gcp"
+	"github.com/akeylesslabs/akeyless-go/v2"
+
 	//nolint
 	. "github.com/onsi/ginkgo"
 
@@ -34,11 +39,6 @@ import (
 	esv1alpha1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1alpha1"
 	esmeta "github.com/external-secrets/external-secrets/apis/meta/v1"
 	"github.com/external-secrets/external-secrets/e2e/framework"
-
-	aws_cloud_id "github.com/akeylesslabs/akeyless-go-cloud-id/cloudprovider/aws"
-	azure_cloud_id "github.com/akeylesslabs/akeyless-go-cloud-id/cloudprovider/azure"
-	gcp_cloud_id "github.com/akeylesslabs/akeyless-go-cloud-id/cloudprovider/gcp"
-	"github.com/akeylesslabs/akeyless-go/v2"
 )
 
 type akeylessProvider struct {
@@ -46,7 +46,7 @@ type akeylessProvider struct {
 	accessType      string
 	accessTypeParam string
 	framework       *framework.Framework
-	restApiClient   *akeyless.V2ApiService
+	restAPIClient   *akeyless.V2ApiService
 }
 
 var apiErr akeyless.GenericOpenAPIError
@@ -61,7 +61,7 @@ func newAkeylessProvider(f *framework.Framework, accessID, accessType, accessTyp
 		framework:       f,
 	}
 
-	restApiClient := akeyless.NewAPIClient(&akeyless.Configuration{
+	restAPIClient := akeyless.NewAPIClient(&akeyless.Configuration{
 		Servers: []akeyless.ServerConfiguration{
 			{
 				URL: "https://api.akeyless.io",
@@ -69,7 +69,7 @@ func newAkeylessProvider(f *framework.Framework, accessID, accessType, accessTyp
 		},
 	}).V2Api
 
-	prov.restApiClient = restApiClient
+	prov.restAPIClient = restAPIClient
 
 	BeforeEach(prov.BeforeEach)
 	return prov
@@ -87,7 +87,7 @@ func (a *akeylessProvider) CreateSecret(key, val string) {
 		Token: &token,
 	}
 
-	_, _, err = a.restApiClient.CreateSecret(ctx).Body(gsvBody).Execute()
+	_, _, err = a.restAPIClient.CreateSecret(ctx).Body(gsvBody).Execute()
 	Expect(err).ToNot(HaveOccurred())
 }
 
@@ -101,7 +101,7 @@ func (a *akeylessProvider) DeleteSecret(key string) {
 		Token: &token,
 	}
 
-	_, _, err = a.restApiClient.DeleteItem(ctx).Body(gsvBody).Execute()
+	_, _, err = a.restAPIClient.DeleteItem(ctx).Body(gsvBody).Execute()
 	Expect(err).ToNot(HaveOccurred())
 }
 
@@ -155,7 +155,6 @@ func (a *akeylessProvider) BeforeEach() {
 }
 
 func (a *akeylessProvider) GetToken() (string, error) {
-
 	ctx := context.Background()
 	authBody := akeyless.NewAuthWithDefaults()
 	authBody.AccessId = akeyless.PtrString(a.accessID)
@@ -165,48 +164,48 @@ func (a *akeylessProvider) GetToken() (string, error) {
 	} else if a.accessType == "k8s" {
 		jwtString, err := readK8SServiceAccountJWT()
 		if err != nil {
-			return "", fmt.Errorf("failed to read JWT with Kubernetes Auth from %v. error: %v", DefServiceAccountFile, err.Error())
+			return "", fmt.Errorf("failed to read JWT with Kubernetes Auth from %v. error: %w", DefServiceAccountFile, err)
 		}
 		K8SAuthConfigName := a.accessTypeParam
 		authBody.AccessType = akeyless.PtrString(a.accessType)
 		authBody.K8sServiceAccountToken = akeyless.PtrString(jwtString)
 		authBody.K8sAuthConfigName = akeyless.PtrString(K8SAuthConfigName)
 	} else {
-		cloudId, err := a.getCloudId(a.accessType, a.accessTypeParam)
+		cloudID, err := a.getCloudID(a.accessType, a.accessTypeParam)
 		if err != nil {
 			return "", fmt.Errorf("Require Cloud ID " + err.Error())
 		}
 		authBody.AccessType = akeyless.PtrString(a.accessType)
-		authBody.CloudId = akeyless.PtrString(cloudId)
+		authBody.CloudId = akeyless.PtrString(cloudID)
 	}
 
-	authOut, _, err := a.restApiClient.Auth(ctx).Body(*authBody).Execute()
+	authOut, _, err := a.restAPIClient.Auth(ctx).Body(*authBody).Execute()
 	if err != nil {
 		if errors.As(err, &apiErr) {
 			return "", fmt.Errorf("authentication failed: %v", string(apiErr.Body()))
 		}
-		return "", fmt.Errorf("authentication failed: %v", err)
+		return "", fmt.Errorf("authentication failed: %w", err)
 	}
 
 	token := authOut.GetToken()
 	return token, nil
 }
 
-func (a *akeylessProvider) getCloudId(provider string, accTypeParam string) (string, error) {
-	var cloudId string
+func (a *akeylessProvider) getCloudID(provider, accTypeParam string) (string, error) {
+	var cloudID string
 	var err error
 
 	switch provider {
 	case "azure_ad":
-		cloudId, err = azure_cloud_id.GetCloudId(accTypeParam)
+		cloudID, err = azure_cloud_id.GetCloudId(accTypeParam)
 	case "aws_iam":
-		cloudId, err = aws_cloud_id.GetCloudId()
+		cloudID, err = aws_cloud_id.GetCloudId()
 	case "gcp":
-		cloudId, err = gcp_cloud_id.GetCloudID(accTypeParam)
+		cloudID, err = gcp_cloud_id.GetCloudID(accTypeParam)
 	default:
-		return "", fmt.Errorf("Unable to determine provider: %s", provider)
+		return "", fmt.Errorf("unable to determine provider: %s", provider)
 	}
-	return cloudId, err
+	return cloudID, err
 }
 
 // readK8SServiceAccountJWT reads the JWT data for the Agent to submit to Akeyless Gateway.
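Review bot: The cloud-ID branch of GetToken still builds its error with `fmt.Errorf("Require Cloud ID " + err.Error())`, so the underlying message is used as the format string and the error chain is dropped, while the neighbouring returns in this hunk were converted to `%w`. Any `%` in the cloud provider's message would be rendered as a formatting artefact. Use `return "", fmt.Errorf("require cloud ID: %w", err)`; the same line is left unchanged in the GetToken hunk of pkg/provider/akeyless/akeyless_api.go. GetToken starts above this hunk.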
@@ -225,5 +224,4 @@ func readK8SServiceAccountJWT() (string, error) {
 	a := strings.TrimSpace(string(contentBytes))
 
 	return base64.StdEncoding.EncodeToString([]byte(a)), nil
-	//return encoding_ex.Base64Encode([]byte(a)), nil
 }

+ 0 - 1
go.mod

@@ -44,7 +44,6 @@ require (
 	github.com/akeylesslabs/akeyless-go/v2 v2.5.11
 	github.com/aliyun/alibaba-cloud-sdk-go v1.61.1192
 	github.com/aws/aws-sdk-go v1.38.6
-	github.com/aws/aws-sdk-go-v2 v0.23.0
 	github.com/crossplane/crossplane-runtime v0.13.0
 	github.com/fatih/color v1.10.0 // indirect
 	github.com/frankban/quicktest v1.10.0 // indirect

+ 1 - 18
go.sum

@@ -11,7 +11,6 @@ cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bP
 cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKVk=
 cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs=
 cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc=
-cloud.google.com/go v0.65.0 h1:Dg9iHVQfrhq82rUNu9ZxUDrJLaxFUe/HlCVaLyRruq8=
 cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY=
 cloud.google.com/go v0.72.0/go.mod h1:M+5Vjvlc2wnp6tjzE102Dw08nGShTscUx2nZMufOKPI=
 cloud.google.com/go v0.74.0/go.mod h1:VV1xSbzvo+9QJOxLDaJfTjx5e+MePCpCWwvftOeQmWk=
@@ -180,7 +179,6 @@ github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoD
 github.com/frankban/quicktest v1.10.0 h1:Gfh+GAJZOAoKZsIZeZbdn2JF10kN1XHNvjsvQK8gVkE=
 github.com/frankban/quicktest v1.10.0/go.mod h1:ui7WezCLWMWxVWr1GETZY3smRy0G4KWq9vcPtJmFl7Y=
 github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
-github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4=
 github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
 github.com/fsnotify/fsnotify v1.5.1 h1:mZcQUHVQUQWoPXXtuf9yuEXKudkV2sx1E06UadKWpgI=
 github.com/fsnotify/fsnotify v1.5.1/go.mod h1:T3375wBYaZdLLcVNkcVbzGHY7f1l/uK5T5Ai1i3InKU=
@@ -224,7 +222,6 @@ github.com/go-playground/universal-translator v0.17.0/go.mod h1:UkSxE5sNxxRwHyU+
 github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
 github.com/go-stack/stack v1.8.0 h1:5SgMzNM5HxrEjV0ww2lTmX6E2Izsfxas4+YHWRs3Lsk=
 github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
-github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 h1:p104kn46Q8WdvHunIJ9dAyjPVtrBPhSr3KT2yUst43I=
 github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE=
 github.com/go-test/deep v1.0.2-0.20181118220953-042da051cf31/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA=
 github.com/go-test/deep v1.0.2 h1:onZX1rnHT3Wv6cqNgYyFOOlgVKJrksuCMCRvJStbMYw=
@@ -557,7 +554,6 @@ github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108
 github.com/onsi/ginkgo v1.14.1/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY=
 github.com/onsi/ginkgo v1.14.2/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY=
 github.com/onsi/ginkgo v1.16.2/go.mod h1:CObGmKUOKaSC0RjmoAK7tKyn4Azo5P2IWuoMnvwxz1E=
-github.com/onsi/ginkgo v1.16.4 h1:29JGrr5oVBm5ulCWet69zQkzWipVXIol6ygQUe/EzNc=
 github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0=
 github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE=
 github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU=
@@ -702,7 +698,6 @@ github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de
 github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
-github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
 github.com/yuin/goldmark v1.4.0/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
 go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
 go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
@@ -714,7 +709,6 @@ go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=
 go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8=
 go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
 go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
-go.opencensus.io v0.22.4 h1:LYy1Hy3MJdrCdMwwzxA/dRok4ejH+RwNGbuoD9fCjto=
 go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
 go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk=
 go.opencensus.io v0.23.0 h1:gqCw0LfLxScz8irSi8exQc7fyQ0fKQU/qnC/X8+V/1M=
@@ -777,8 +771,8 @@ golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHl
 golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
 golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs=
 golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
-golang.org/x/lint v0.0.0-20200302205851-738671d3881b h1:Wh+f8QHJXR411sJR8/vRBTZ7YapZaRvUcLFFJhusH0k=
 golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
+golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5 h1:2M3HP5CCK1Si9FQhwnzYhXdG6DXeebvUHFpre8QvbyI=
 golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
 golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE=
 golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o=
@@ -839,8 +833,6 @@ golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v
 golang.org/x/net v0.0.0-20210224082022-3d97a244fca7/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc=
-golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
-golang.org/x/net v0.0.0-20210428140749-89ef3d95e781 h1:DzZ89McO9/gWPsQXS/FVKAlG02ZjaQ6AlZRBimEYOd0=
 golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk=
 golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d h1:20cMwl2fHAzkJMEA+8J4JgqBQcQGzbisXo31MIeenXI=
 golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
@@ -853,8 +845,6 @@ golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4Iltr
 golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20210201163806-010130855d6c h1:HiAZXo96zOhVhtFHchj/ojzoxCFiPrp9/j0GtS38V3g=
-golang.org/x/oauth2 v0.0.0-20210201163806-010130855d6c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
@@ -934,12 +924,9 @@ golang.org/x/sys v0.0.0-20210220050731-9a76102bfb43/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20210305230114-8fe3ee5dd75b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210412220455-f1c623a9e750/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210426230700-d19ff857e887/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40 h1:JWgyZ1qgdTaF3N3oxC+MdTV7qvEEgHo3otj+HB5CM7Q=
 golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
@@ -1032,8 +1019,6 @@ golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4f
 golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
 golang.org/x/tools v0.0.0-20210114065538-d78b04bdf963/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
 golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0=
-golang.org/x/tools v0.1.2-0.20210512205948-8287d5da45e4 h1:cYSqdOzmV9wJ7lWurRAws06Dmif0Wv6UL4gQLlz+im0=
-golang.org/x/tools v0.1.2-0.20210512205948-8287d5da45e4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
 golang.org/x/tools v0.1.7 h1:6j8CgantCy3yc8JGBqkDLMKWqZ0RDU2g1HVgacojGWQ=
 golang.org/x/tools v0.1.7/go.mod h1:LGqMHiF4EqQNHR1JncWGqT5BVaXmza+X+BDGol+dOxo=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -1059,7 +1044,6 @@ google.golang.org/api v0.22.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/
 google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE=
 google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE=
 google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM=
-google.golang.org/api v0.30.0 h1:yfrXXP61wVuLb0vBcG6qaOoIoqYEzOQS8jum51jkv2w=
 google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc=
 google.golang.org/api v0.35.0/go.mod h1:/XrVsuzM0rZmrsbjJutiuftIzeuTQcEeaYcSk/mQ1dg=
 google.golang.org/api v0.36.0/go.mod h1:+z5ficQTmoYpPn8LCUNVpK5I7hwkpjbcgqA7I34qYtE=
@@ -1109,7 +1093,6 @@ google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6D
 google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
 google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
 google.golang.org/genproto v0.0.0-20201109203340-2640f1f9cdfb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20201110150050-8816d57aaa9a h1:pOwg4OoaRYScjmR4LlLgdtnyoHYTSAVhhqe5uPdpII8=
 google.golang.org/genproto v0.0.0-20201110150050-8816d57aaa9a/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
 google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
 google.golang.org/genproto v0.0.0-20201210142538-e3217bee35cc/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=

+ 16 - 20
pkg/provider/akeyless/akeyless.go

@@ -20,9 +20,9 @@ import (
 	"fmt"
 	"strconv"
 
+	"github.com/akeylesslabs/akeyless-go/v2"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 
-	"github.com/akeylesslabs/akeyless-go/v2"
 	esv1alpha1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1alpha1"
 	"github.com/external-secrets/external-secrets/pkg/provider"
 	"github.com/external-secrets/external-secrets/pkg/provider/schema"
@@ -30,7 +30,6 @@ import (
 )
 
 const (
-	defaultObjType = "secret"
 	defaultAPIUrl = "https://api.akeyless.io"
 )
 
@@ -38,20 +37,20 @@ const (
 type Provider struct{}
 
 // Akeyless satisfies the provider.SecretsClient interface.
-type AkeylessBase struct {
+type akeylessBase struct {
 	kube      client.Client
 	store     esv1alpha1.GenericStore
 	namespace string
 
-	akeylessGwApiURL string
-	RestApi          *akeyless.V2ApiService
+	akeylessGwAPIURL string
+	RestAPI          *akeyless.V2ApiService
 }
 
 type Akeyless struct {
-	Client AkeylessVaultInterface
+	Client akeylessVaultInterface
 }
 
-type AkeylessVaultInterface interface {
+type akeylessVaultInterface interface {
 	GetSecretByType(secretName, token string, version int32) (string, error)
 	TokenFromSecretRef(ctx context.Context) (string, error)
 }
@@ -67,8 +66,8 @@ func (p *Provider) NewClient(ctx context.Context, store esv1alpha1.GenericStore,
 	return newClient(ctx, store, kube, namespace)
 }
 
-func newClient(ctx context.Context, store esv1alpha1.GenericStore, kube client.Client, namespace string) (provider.SecretsClient, error) {
-	akl := &AkeylessBase{
+func newClient(_ context.Context, store esv1alpha1.GenericStore, kube client.Client, namespace string) (provider.SecretsClient, error) {
+	akl := &akeylessBase{
 		kube:      kube,
 		store:     store,
 		namespace: namespace,
@@ -78,26 +77,25 @@ func newClient(ctx context.Context, store esv1alpha1.GenericStore, kube client.C
 	if err != nil {
 		return nil, err
 	}
-	akeylessGwApiURL := defaultAPIUrl
-	if spec != nil && spec.AkeylessGWApiURL != nil && *spec.AkeylessGWApiURL != ""  {
-		akeylessGwApiURL = getV2Url(*spec.AkeylessGWApiURL)
+	akeylessGwAPIURL := defaultAPIUrl
+	if spec != nil && spec.AkeylessGWApiURL != nil && *spec.AkeylessGWApiURL != "" {
+		akeylessGwAPIURL = getV2Url(*spec.AkeylessGWApiURL)
 	}
 
-
 	if spec.Auth == nil {
 		return nil, fmt.Errorf("missing Auth in store config")
 	}
 
-	RestApiClient := akeyless.NewAPIClient(&akeyless.Configuration{
+	RestAPIClient := akeyless.NewAPIClient(&akeyless.Configuration{
 		Servers: []akeyless.ServerConfiguration{
 			{
-				URL: akeylessGwApiURL,
+				URL: akeylessGwAPIURL,
 			},
 		},
 	}).V2Api
 
-	akl.akeylessGwApiURL = akeylessGwApiURL
-	akl.RestApi = RestApiClient
+	akl.akeylessGwAPIURL = akeylessGwAPIURL
+	akl.RestAPI = RestAPIClient
 	return &Akeyless{Client: akl}, nil
 }
 
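Review bot: `spec.Auth` is dereferenced right after a condition that explicitly allows `spec` to be nil (`if spec != nil && spec.AkeylessGWApiURL != nil ...`), so a nil provider spec would panic the controller instead of returning a configuration error. Whether GetAKeylessProvider can return a nil spec without an error is not visible here. If it cannot, the `spec != nil` test is dead and should go; otherwise guard with `if spec == nil || spec.Auth == nil {`. newClient starts above this hunk.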
@@ -106,9 +104,8 @@ func (a *Akeyless) Close(ctx context.Context) error {
 }
 
 // Implements store.Client.GetSecret Interface.
-// Retrieves a secret with the secret name defined in ref.Name
+// Retrieves a secret with the secret name defined in ref.Name.
 func (a *Akeyless) GetSecret(ctx context.Context, ref esv1alpha1.ExternalSecretDataRemoteRef) ([]byte, error) {
-
 	if utils.IsNil(a.Client) {
 		return nil, fmt.Errorf(errUninitalizedAkeylessProvider)
 	}
@@ -134,7 +131,6 @@ func (a *Akeyless) GetSecret(ctx context.Context, ref esv1alpha1.ExternalSecretD
 // Implements store.Client.GetSecretMap Interface.
 // New version of GetSecretMap.
 func (a *Akeyless) GetSecretMap(ctx context.Context, ref esv1alpha1.ExternalSecretDataRemoteRef) (map[string][]byte, error) {
-
 	if utils.IsNil(a.Client) {
 		return nil, fmt.Errorf(errUninitalizedAkeylessProvider)
 	}

+ 34 - 52
pkg/provider/akeyless/akeyless_api.go

@@ -34,47 +34,43 @@ var apiErr akeyless.GenericOpenAPIError
 
 const DefServiceAccountFile = "/var/run/secrets/kubernetes.io/serviceaccount/token"
 
-func (a *AkeylessBase) GetToken(accessId, accType, accTypeParam string) (string, error) {
-
+func (a *akeylessBase) GetToken(accessID, accType, accTypeParam string) (string, error) {
 	ctx := context.Background()
 	authBody := akeyless.NewAuthWithDefaults()
-	authBody.AccessId = akeyless.PtrString(accessId)
-	if accType == "api_key" || accType == "access_key"{
+	authBody.AccessId = akeyless.PtrString(accessID)
+	if accType == "api_key" || accType == "access_key" {
 		authBody.AccessKey = akeyless.PtrString(accTypeParam)
-
 	} else if accType == "k8s" {
 		jwtString, err := readK8SServiceAccountJWT()
 		if err != nil {
-			return "", fmt.Errorf("failed to read JWT with Kubernetes Auth from %v. error: %v", DefServiceAccountFile, err.Error())
+			return "", fmt.Errorf("failed to read JWT with Kubernetes Auth from %v. error: %w", DefServiceAccountFile, err)
 		}
 		K8SAuthConfigName := accTypeParam
 		authBody.AccessType = akeyless.PtrString(accType)
 		authBody.K8sServiceAccountToken = akeyless.PtrString(jwtString)
 		authBody.K8sAuthConfigName = akeyless.PtrString(K8SAuthConfigName)
-
 	} else {
-		cloudId, err := a.getCloudId(accType, accTypeParam)
+		cloudID, err := a.getCloudID(accType, accTypeParam)
 		if err != nil {
 			return "", fmt.Errorf("Require Cloud ID " + err.Error())
 		}
 		authBody.AccessType = akeyless.PtrString(accType)
-		authBody.CloudId = akeyless.PtrString(cloudId)
+		authBody.CloudId = akeyless.PtrString(cloudID)
 	}
 
-	authOut, _, err := a.RestApi.Auth(ctx).Body(*authBody).Execute()
+	authOut, _, err := a.RestAPI.Auth(ctx).Body(*authBody).Execute()
 	if err != nil {
 		if errors.As(err, &apiErr) {
 			return "", fmt.Errorf("authentication failed: %v", string(apiErr.Body()))
 		}
-		return "", fmt.Errorf("authentication failed: %v", err)
+		return "", fmt.Errorf("authentication failed: %w", err)
 	}
 
 	token := authOut.GetToken()
 	return token, nil
 }
 
-func (a *AkeylessBase) GetSecretByType(secretName, token string, version int32) (string, error) {
-
+func (a *akeylessBase) GetSecretByType(secretName, token string, version int32) (string, error) {
 	item, err := a.DescribeItem(secretName, token)
 	if err != nil {
 		return "", err
@@ -89,11 +85,11 @@ func (a *AkeylessBase) GetSecretByType(secretName, token string, version int32)
 	case "ROTATED_SECRET":
 		return a.GetRotatedSecrets(secretName, token, version)
 	default:
-		return "", fmt.Errorf("Invalid item type: %v", secretType)
+		return "", fmt.Errorf("invalid item type: %v", secretType)
 	}
 }
 
-func (a *AkeylessBase) DescribeItem(itemName, token string) (*akeyless.Item, error) {
+func (a *akeylessBase) DescribeItem(itemName, token string) (*akeyless.Item, error) {
 	ctx := context.Background()
 
 	body := akeyless.DescribeItem{
@@ -104,18 +100,18 @@ func (a *AkeylessBase) DescribeItem(itemName, token string) (*akeyless.Item, err
 	} else {
 		body.Token = &token
 	}
-	gsvOut, _, err := a.RestApi.DescribeItem(ctx).Body(body).Execute()
+	gsvOut, _, err := a.RestAPI.DescribeItem(ctx).Body(body).Execute()
 	if err != nil {
 		if errors.As(err, &apiErr) {
 			return nil, fmt.Errorf("can't describe item: %v", string(apiErr.Body()))
 		}
-		return nil, fmt.Errorf("can't describe item: %v", err)
+		return nil, fmt.Errorf("can't describe item: %w", err)
 	}
 
 	return &gsvOut, nil
 }
 
-func (a *AkeylessBase) GetRotatedSecrets(secretName, token string, version int32) (string, error) {
+func (a *akeylessBase) GetRotatedSecrets(secretName, token string, version int32) (string, error) {
 	ctx := context.Background()
 
 	body := akeyless.GetRotatedSecretValue{
@@ -128,41 +124,40 @@ func (a *AkeylessBase) GetRotatedSecrets(secretName, token string, version int32
 		body.Token = &token
 	}
 
-	gsvOut, _, err := a.RestApi.GetRotatedSecretValue(ctx).Body(body).Execute()
+	gsvOut, _, err := a.RestAPI.GetRotatedSecretValue(ctx).Body(body).Execute()
 	if err != nil {
 		if errors.As(err, &apiErr) {
 			return "", fmt.Errorf("can't get rotated secret value: %v", string(apiErr.Body()))
 		}
-		return "", fmt.Errorf("can't get rotated secret value: %v", err)
+		return "", fmt.Errorf("can't get rotated secret value: %w", err)
 	}
 
 	val, ok := gsvOut["value"]
 	if ok {
 		if _, ok := val["payload"]; ok {
 			return fmt.Sprintf("%v", val["payload"]), nil
-
 		} else if _, ok := val["target_value"]; ok {
 			out, err := json.Marshal(val["target_value"])
 			if err != nil {
-				return "", fmt.Errorf("can't marshal rotated secret value: %v", err)
+				return "", fmt.Errorf("can't marshal rotated secret value: %w", err)
 			}
 			return string(out), nil
 		} else {
 			out, err := json.Marshal(val)
 			if err != nil {
-				return "", fmt.Errorf("can't marshal rotated secret value: %v", err)
+				return "", fmt.Errorf("can't marshal rotated secret value: %w", err)
 			}
 			return string(out), nil
 		}
 	}
 	out, err := json.Marshal(gsvOut)
 	if err != nil {
-		return "", fmt.Errorf("can't marshal rotated secret value: %v", err)
+		return "", fmt.Errorf("can't marshal rotated secret value: %w", err)
 	}
 	return string(out), nil
 }
 
-func (a *AkeylessBase) GetDynamicSecrets(secretName, token string) (string, error) {
+func (a *akeylessBase) GetDynamicSecrets(secretName, token string) (string, error) {
 	ctx := context.Background()
 
 	body := akeyless.GetDynamicSecretValue{
@@ -174,36 +169,23 @@ func (a *AkeylessBase) GetDynamicSecrets(secretName, token string) (string, erro
 		body.Token = &token
 	}
 
-	gsvOut, _, err := a.RestApi.GetDynamicSecretValue(ctx).Body(body).Execute()
+	gsvOut, _, err := a.RestAPI.GetDynamicSecretValue(ctx).Body(body).Execute()
 	if err != nil {
 		if errors.As(err, &apiErr) {
 			return "", fmt.Errorf("can't get dynamic secret value: %v", string(apiErr.Body()))
 		}
-		return "", fmt.Errorf("can't get dynamic secret value: %v", err)
+		return "", fmt.Errorf("can't get dynamic secret value: %w", err)
 	}
 
 	out, err := json.Marshal(gsvOut)
 	if err != nil {
-		return "", fmt.Errorf("can't marshal dynamic secret value: %v", err)
+		return "", fmt.Errorf("can't marshal dynamic secret value: %w", err)
 	}
 
 	return string(out), nil
 }
 
-func (a *AkeylessBase) getSecretVersionByType(secretType, secretName, token string, version int32) (string, error) {
-	switch secretType {
-	case "STATIC_SECRET":
-		return a.GetStaticSecret(secretName, token, version)
-	case "DYNAMIC_SECRET":
-		return a.GetDynamicSecrets(secretName, token)
-	case "ROTATED_SECRET":
-		return a.GetRotatedSecrets(secretName, token, version)
-	default:
-		return "", fmt.Errorf("Invalid item type: %v", secretType)
-	}
-}
-
-func (a *AkeylessBase) GetStaticSecret(secretName, token string, version int32) (string, error) {
+func (a *akeylessBase) GetStaticSecret(secretName, token string, version int32) (string, error) {
 	ctx := context.Background()
 
 	gsvBody := akeyless.GetSecretValue{
@@ -217,36 +199,36 @@ func (a *AkeylessBase) GetStaticSecret(secretName, token string, version int32)
 		gsvBody.Token = &token
 	}
 
-	gsvOut, _, err := a.RestApi.GetSecretValue(ctx).Body(gsvBody).Execute()
+	gsvOut, _, err := a.RestAPI.GetSecretValue(ctx).Body(gsvBody).Execute()
 	if err != nil {
 		if errors.As(err, &apiErr) {
 			return "", fmt.Errorf("can't get secret value: %v", string(apiErr.Body()))
 		}
-		return "", fmt.Errorf("can't get secret value: %v", err)
+		return "", fmt.Errorf("can't get secret value: %w", err)
 	}
 	val, ok := gsvOut[secretName]
 	if !ok {
-		return "", fmt.Errorf("can't get secret: %v",secretName )
+		return "", fmt.Errorf("can't get secret: %v", secretName)
 	}
 
 	return val, nil
 }
 
-func (a *AkeylessBase) getCloudId(provider string, accTypeParam string) (string, error) {
-	var cloudId string
+func (a *akeylessBase) getCloudID(provider, accTypeParam string) (string, error) {
+	var cloudID string
 	var err error
 
 	switch provider {
 	case "azure_ad":
-		cloudId, err = azure_cloud_id.GetCloudId(accTypeParam)
+		cloudID, err = azure_cloud_id.GetCloudId(accTypeParam)
 	case "aws_iam":
-		cloudId, err = aws_cloud_id.GetCloudId()
+		cloudID, err = aws_cloud_id.GetCloudId()
 	case "gcp":
-		cloudId, err = gcp_cloud_id.GetCloudID(accTypeParam)
+		cloudID, err = gcp_cloud_id.GetCloudID(accTypeParam)
 	default:
-		return "", fmt.Errorf("Unable to determine provider: %s", provider)
+		return "", fmt.Errorf("unable to determine provider: %s", provider)
 	}
-	return cloudId, err
+	return cloudID, err
 }
 
 // readK8SServiceAccountJWT reads the JWT data for the Agent to submit to Akeyless Gateway.

+ 3 - 3
pkg/provider/akeyless/auth.go

@@ -18,9 +18,10 @@ import (
 	"context"
 	"fmt"
 
-	esv1alpha1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1alpha1"
 	v1 "k8s.io/api/core/v1"
 	"sigs.k8s.io/controller-runtime/pkg/client"
+
+	esv1alpha1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1alpha1"
 )
 
 const (
@@ -32,8 +33,7 @@ const (
 	errMissingAKID                             = "missing AccessKeyID"
 )
 
-func (a *AkeylessBase) TokenFromSecretRef(ctx context.Context) (string, error) {
-
+func (a *akeylessBase) TokenFromSecretRef(ctx context.Context) (string, error) {
 	prov, err := GetAKeylessProvider(a.store)
 	if err != nil {
 		return "", err

+ 4 - 4
pkg/provider/akeyless/utils.go

@@ -53,7 +53,6 @@ func GetAKeylessProvider(store esv1alpha1.GenericStore) (*esv1alpha1.AkeylessPro
 }
 
 func getV2Url(path string) string {
-
 	// add check if not v2
 	rebody := sendReq(path)
 	if strings.Contains(rebody, "unknown command") {
@@ -69,10 +68,8 @@ func getV2Url(path string) string {
 	}
 	if strings.HasSuffix(url.Host, "/v2") {
 		return path
-	} else {
-		url.Host = url.Host + "/v2"
 	}
-
+	url.Host += "/v2"
 	p := url.Scheme + "://" + url.Host
 	if url.Port() != "" {
 		p = p + ":" + url.Port()
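Review bot: `url.Host += "/v2"` appends a path segment to the authority, and the preceding `strings.HasSuffix(url.Host, "/v2")` test inspects the host as well. Assuming `url` comes from `url.Parse(path)` above this hunk, Host never holds a path, so that early return cannot fire, and as far as the visible lines show any path in the configured gateway URL is lost when `p` is rebuilt from scheme and host. Host already carries any port, so the `url.Port()` append that follows looks redundant. Since this string becomes the endpoint that receives the access credentials, consider working on the path instead, e.g. `url.Path = strings.TrimSuffix(url.Path, "/") + "/v2"` and returning `url.String()`. getV2Url begins above and ends below this hunk.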
@@ -83,6 +80,9 @@ func getV2Url(path string) string {
 
 func sendReq(url string) string {
 	req, err := http.NewRequest("POST", url, nil)
+	if err != nil {
+		return ""
+	}
 	req.Header.Set("Content-Type", "application/json")
 
 	client := &http.Client{
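Review bot: The new early return makes sendReq yield `""` for a URL that cannot be parsed, which getV2Url cannot tell apart from an empty response, so a malformed `AkeylessGWApiURL` is carried forward silently instead of being rejected. Changing the signature to `func sendReq(url string) (string, error)` and using `return "", err` would let newClient surface the misconfiguration. Separately, the URL comes from the store spec, so the controller will POST to whatever address a store author supplies; checking that the scheme is `https` before the request is worth considering. sendReq continues past the end of this hunk, so the client's timeout settings are not visible here.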