4 years ago · 65b92cd893
--- a/pkg/provider/akeyless/akeyless.go
+++ b/pkg/provider/akeyless/akeyless.go
@@ -18,6 +18,7 @@ import (
 
				 	"context"
			
 
				 	"encoding/json"
			
 
				 	"fmt"
			
 
				+	"net/url"
			
 
				 	"strconv"
			
 
				 	"time"
			
 
				 
			
@@ -76,16 +77,31 @@ func (p *Provider) ValidateStore(store esv1beta1.GenericStore) error {
 
				 
			
 
				 	akeylessGWApiURL := akeylessSpec.AkeylessGWApiURL
			
 
				 
			
 
				-	if akeylessGWApiURL == nil {
			
 
				-		return fmt.Errorf("Akeyless GW API URL is required ")
			
 
				+	if akeylessGWApiURL != nil && *akeylessGWApiURL != "" {
			
 
				+		url, err := url.Parse(*akeylessGWApiURL)
			
 
				+		if err != nil {
			
 
				+			return fmt.Errorf(errInvalidAkeylessURL)
			
 
				+		}
			
 
				+
			
 
				+		if url.Host == "" {
			
 
				+			return fmt.Errorf(errInvalidAkeylessURL)
			
 
				+		}
			
 
				 	}
			
 
				 
			
 
				-	accessId := akeylessSpec.Auth.SecretRef.AccessID
			
 
				-	err := utils.ValidateSecretSelector(store, accessId)
			
 
				+	accessID := akeylessSpec.Auth.SecretRef.AccessID
			
 
				+	err := utils.ValidateSecretSelector(store, accessID)
			
 
				 	if err != nil {
			
 
				 		return err
			
 
				 	}
			
 
				 
			
 
				+	if accessID.Name == "" {
			
 
				+		return fmt.Errorf(errInvalidAkeylessAccessIDName)
			
 
				+	}
			
 
				+
			
 
				+	if accessID.Key == "" {
			
 
				+		return fmt.Errorf(errInvalidAkeylessAccessIDKey)
			
 
				+	}
			
 
				+
			
 
				 	accessType := akeylessSpec.Auth.SecretRef.AccessType
			
 
				 	err = utils.ValidateSecretSelector(store, accessType)
			
 
				 	if err != nil {
			
--- a/pkg/provider/akeyless/akeyless_test.go
+++ b/pkg/provider/akeyless/akeyless_test.go
@@ -128,7 +128,7 @@ func TestAkeylessGetSecret(t *testing.T) {
 
				 func TestValidateStore(t *testing.T) {
			
 
				 	provider := Provider{}
			
 
				 
			
 
				-	akeylessGWApiURL := "gwapi.akeyless"
			
 
				+	akeylessGWApiURL := ""
			
 
				 
			
 
				 	store := &esv1beta1.SecretStore{
			
 
				 		Spec: esv1beta1.SecretStoreSpec{
			
--- a/pkg/provider/akeyless/utils.go
+++ b/pkg/provider/akeyless/utils.go
@@ -31,6 +31,9 @@ const (
 
				 	errInvalidProvider              = "invalid provider spec. Missing Akeyless field in store %s"
			
 
				 	errJSONSecretUnmarshal          = "unable to unmarshal secret: %w"
			
 
				 	errUninitalizedAkeylessProvider = "provider akeyless is not initialized"
			
 
				+	errInvalidAkeylessURL           = "invalid akeyless GW API URL"
			
 
				+	errInvalidAkeylessAccessIDName  = "missing akeyless accessID name"
			
 
				+	errInvalidAkeylessAccessIDKey   = "missing akeyless accessID key"
			
 
				 )
			
 
				 
			
 
				 // GetAKeylessProvider does the necessary nil checks and returns the akeyless provider or an error.