
add Utility method to validate Network Connection, add Validate method for akeyless,alibaba,gitlab and webhook

Pedro Carmezim 4 năm trước cách đây
mục cha
commit
33d794e3b2

+ 7 - 2
pkg/provider/akeyless/akeyless.go

@@ -19,6 +19,7 @@ import (
 	"encoding/json"
 	"fmt"
 	"strconv"
+	"time"
 
 	"github.com/akeylesslabs/akeyless-go/v2"
 	"sigs.k8s.io/controller-runtime/pkg/client"
@@ -46,6 +47,7 @@ type akeylessBase struct {
 
 type Akeyless struct {
 	Client akeylessVaultInterface
+	url    string
 }
 
 type akeylessVaultInterface interface {
@@ -98,7 +100,7 @@ func newClient(_ context.Context, store esv1beta1.GenericStore, kube client.Clie
 
 	akl.akeylessGwAPIURL = akeylessGwAPIURL
 	akl.RestAPI = RestAPIClient
-	return &Akeyless{Client: akl}, nil
+	return &Akeyless{Client: akl, url: akeylessGwAPIURL}, nil
 }
 
 func (a *Akeyless) Close(ctx context.Context) error {
@@ -106,7 +108,10 @@ func (a *Akeyless) Close(ctx context.Context) error {
 }
 
 func (a *Akeyless) Validate() error {
-	return nil
+	timeout := 4 * time.Second
+	url := a.url
+
+	return utils.NetworkValidate(url, timeout)
 }
 
 // Implements store.Client.GetSecret Interface.
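Review bot: The timeout in `Validate` is an unnamed literal, and the same three lines are repeated in the alibaba, gitlab and webhook `Validate` hunks; in webhook.go the local `url` also shadows the imported `net/url` package. A shared constant next to `NetworkValidate` would keep the four providers in step, and the locals can go: `return utils.NetworkValidate(a.url, validateTimeout)` (constant name is a suggestion). The method also needs a doc comment stating the limit of the check, for example `// Validate checks that the gateway URL accepts a TCP connection; it does not verify credentials or TLS.`, so that a ready store is not read as proof that authentication works.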

+ 7 - 1
pkg/provider/alibaba/kms.go

@@ -18,6 +18,7 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	"time"
 
 	kmssdk "github.com/aliyun/alibaba-cloud-sdk-go/services/kms"
 	"github.com/tidwall/gjson"
@@ -53,6 +54,7 @@ type Client struct {
 
 type KeyManagementService struct {
 	Client SMInterface
+	url    string
 }
 
 type SMInterface interface {
@@ -183,6 +185,7 @@ func (kms *KeyManagementService) NewClient(ctx context.Context, store esv1beta1.
 		return nil, fmt.Errorf(errAlibabaClient, err)
 	}
 	kms.Client = keyManagementService
+	kms.url = alibabaSpec.Endpoint
 	return kms, nil
 }
 
@@ -191,7 +194,10 @@ func (kms *KeyManagementService) Close(ctx context.Context) error {
 }
 
 func (kms *KeyManagementService) Validate() error {
-	return nil
+	timeout := 4 * time.Second
+	url := kms.url
+
+	return utils.NetworkValidate(url, timeout)
 }
 
 func (kms *KeyManagementService) ValidateStore(store esv1beta1.GenericStore) error {

+ 7 - 1
pkg/provider/gitlab/gitlab.go

@@ -18,6 +18,7 @@ import (
 	"encoding/json"
 	"fmt"
 	"strings"
+	"time"
 
 	"github.com/tidwall/gjson"
 	gitlab "github.com/xanzy/go-gitlab"
@@ -48,6 +49,7 @@ type Client interface {
 // Gitlab Provider struct with reference to a GitLab client and a projectID.
 type Gitlab struct {
 	client    Client
+	url       string
 	projectID interface{}
 }
 
@@ -142,6 +144,7 @@ func (g *Gitlab) NewClient(ctx context.Context, store esv1beta1.GenericStore, ku
 
 	g.client = gitlabClient.ProjectVariables
 	g.projectID = cliStore.store.ProjectID
+	g.url = cliStore.store.URL
 
 	return g, nil
 }
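Review bot: `g.url = cliStore.store.URL` stores the configured value unchecked, and `Validate` later hands it to `utils.NetworkValidate`, which rejects anything that lacks a parsable host and port. If the store URL may be left empty so that the client falls back to its default (not visible in this hunk), every such store would now fail validation; the same question applies to `kms.url = alibabaSpec.Endpoint` in the alibaba hunk if that endpoint can be a bare hostname without a scheme. Either store the base URL the client actually resolved, or skip the probe when the field is empty, e.g. `if g.url == "" { return nil }` at the top of `Validate`. NewClient starts outside the hunk.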
@@ -216,7 +219,10 @@ func (g *Gitlab) Close(ctx context.Context) error {
 }
 
 func (g *Gitlab) Validate() error {
-	return nil
+	timeout := 4 * time.Second
+	url := g.url
+
+	return utils.NetworkValidate(url, timeout)
 }
 
 func (g *Gitlab) ValidateStore(store esv1beta1.GenericStore) error {

+ 9 - 1
pkg/provider/webhook/webhook.go

@@ -25,6 +25,7 @@ import (
 	"net/url"
 	"strings"
 	tpl "text/template"
+	"time"
 
 	"github.com/Masterminds/sprig/v3"
 	"github.com/PaesslerAG/jsonpath"
@@ -35,6 +36,7 @@ import (
 	esv1beta1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1beta1"
 	esmeta "github.com/external-secrets/external-secrets/apis/meta/v1"
 	"github.com/external-secrets/external-secrets/pkg/template/v2"
+	"github.com/external-secrets/external-secrets/pkg/utils"
 )
 
 // Provider satisfies the provider interface.
@@ -46,6 +48,7 @@ type WebHook struct {
 	namespace string
 	storeKind string
 	http      *http.Client
+	url       string
 }
 
 func init() {
@@ -65,6 +68,8 @@ func (p *Provider) NewClient(ctx context.Context, store esv1beta1.GenericStore,
 	if err != nil {
 		return nil, err
 	}
+	whClient.url = provider.URL
+
 	whClient.http, err = whClient.getHTTPClient(provider)
 	if err != nil {
 		return nil, err
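Review bot: `whClient.url = provider.URL` keeps the raw configured string, and this file imports `text/template` and defines `executeTemplateString`, so the URL is presumably a template rendered per request. If so, `Validate` would parse unrendered `{{ ... }}` text, which can fail to parse or resolve to a host that no real request uses. Consider probing only when the URL contains no template actions, and put a comment on the `url` field such as `// url is the unrendered provider URL, used only by Validate`. NewClient continues past the end of the hunk.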
@@ -386,7 +391,10 @@ func (w *WebHook) Close(ctx context.Context) error {
 }
 
 func (w *WebHook) Validate() error {
-	return nil
+	timeout := 4 * time.Second
+	url := w.url
+
+	return utils.NetworkValidate(url, timeout)
 }
 
 func executeTemplateString(tmpl string, data map[string]map[string]string) (string, error) {

+ 22 - 0
pkg/utils/utils.go

@@ -19,8 +19,11 @@ import (
 	// nolint:gosec
 	"crypto/md5"
 	"fmt"
+	"net"
+	"net/url"
 	"reflect"
 	"strings"
+	"time"
 	"unicode"
 
 	esv1beta1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1beta1"
@@ -134,3 +137,22 @@ func ValidateServiceAccountSelector(store esv1beta1.GenericStore, ref esmeta.Ser
 	}
 	return nil
 }
+
+func NetworkValidate(endpoint string, timeout time.Duration) error {
+	hostname, err := url.Parse(endpoint)
+	if err != nil {
+		return fmt.Errorf("could not parse url: %w", err)
+	}
+
+	host, port, err := net.SplitHostPort(hostname.Host)
+	if err != nil {
+		return fmt.Errorf("could not find host and port from url: %w", err)
+	}
+
+	url := fmt.Sprintf("%v:%v", host, port)
+	_, err = net.DialTimeout("tcp", url, timeout)
+	if err != nil {
+		return fmt.Errorf("error accessing external store: %w", err)
+	}
+	return nil
+}
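Review bot: `net.SplitHostPort(hostname.Host)` returns an error for any URL without an explicit port, so `NetworkValidate` rejects ordinary endpoints such as the `https://google.com` used in the new test. The connection returned by `net.DialTimeout` is discarded and never closed, which leaks a socket on every validation, and `fmt.Sprintf("%v:%v", host, port)` builds an invalid address for IPv6 literals where `net.JoinHostPort` would not; the local `url` also shadows the `net/url` package. The exported function has no doc comment; it should say that only TCP reachability is tested. Because the probe dials whatever address the store spec names from the controller's network and returns the dial error, store status discloses reachability of that address, which is worth a conscious decision in multi-tenant clusters.

```go
// NetworkValidate reports whether a TCP connection to the host named by
// endpoint can be opened within timeout. It does not perform a TLS handshake
// or send any request, so success only shows the port is reachable.
func NetworkValidate(endpoint string, timeout time.Duration) error {
	u, err := url.Parse(endpoint)
	if err != nil {
		return fmt.Errorf("could not parse url: %w", err)
	}

	host, port := u.Hostname(), u.Port()
	if host == "" {
		// the endpoint is not echoed: it may carry userinfo
		return fmt.Errorf("could not find host in url")
	}
	if port == "" {
		// no explicit port: fall back to the scheme default
		port = "443"
		if u.Scheme == "http" {
			port = "80"
		}
	}

	conn, err := net.DialTimeout("tcp", net.JoinHostPort(host, port), timeout)
	if err != nil {
		return fmt.Errorf("error accessing external store: %w", err)
	}
	defer conn.Close()
	return nil
}
```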

+ 8 - 0
pkg/utils/utils_test.go

@@ -17,6 +17,7 @@ package utils
 import (
 	"reflect"
 	"testing"
+	"time"
 
 	vault "github.com/oracle/oci-go-sdk/v56/vault"
 	v1 "k8s.io/api/core/v1"
@@ -224,3 +225,10 @@ func TestConvertKeys(t *testing.T) {
 		})
 	}
 }
+
+func TestValidate(t *testing.T) {
+	err := NetworkValidate("https://google.com", 10*time.Second)
+	if err != nil {
+		t.Errorf("Connection problem: %v", err)
+	}
+}
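Review bot: `TestValidate` depends on outbound internet access and on a third-party host, so it fails in sandboxed or air-gapped CI and makes a unit-test run emit external traffic. With the `NetworkValidate` in this commit the URL `https://google.com` has no port, so `net.SplitHostPort` returns an error and the test appears unable to pass as written. A listener on the loopback interface exercises the same code path hermetically; the test file would additionally need the `net` import. An error case, such as a malformed URL or a port that was just closed, would cover the failure branches.

```go
func TestValidate(t *testing.T) {
	ln, err := net.Listen("tcp", "127.0.0.1:0")
	if err != nil {
		t.Fatalf("listen: %v", err)
	}
	defer ln.Close()

	// the listener address carries an explicit port
	if err := NetworkValidate("http://"+ln.Addr().String(), time.Second); err != nil {
		t.Errorf("Connection problem: %v", err)
	}
}
```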