Fix AWS provider diff lint regressions

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

providers/v2/aws/generator/ecr.go

@@ -49,9 +49,9 @@ type ecrPublicAPI interface {
 type ECRGenerator struct{}
 
 const (
-	errECRNoSpec          = "no config spec provided"
-	errECRParseSpec       = "unable to parse spec: %w"
-	errECRCreateSess      = "unable to create aws session: %w"
+	errECRNoSpec       = "no config spec provided"
+	errECRParseSpec    = "unable to parse spec: %w"
+	errECRCreateSess   = "unable to create aws session: %w"
 	errGetPrivateToken = "unable to get authorization token: %w"
 	errGetPublicToken  = "unable to get public authorization token: %w"
 )

providers/v2/aws/generator/ecr_test.go

@@ -32,7 +32,6 @@ import (
 	v1 "k8s.io/api/core/v1"
 	apiextensions "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	utilpointer "k8s.io/utils/ptr"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	clientfake "sigs.k8s.io/controller-runtime/pkg/client/fake"
 )
@@ -94,8 +93,8 @@ func TestECRGenerate(t *testing.T) {
 					return &ecr.GetAuthorizationTokenOutput{
 						AuthorizationData: []ecrtypes.AuthorizationData{
 							{
-								AuthorizationToken: utilpointer.To(base64.StdEncoding.EncodeToString([]byte("uuser:pass"))),
-								ProxyEndpoint:      utilpointer.To("foo"),
+								AuthorizationToken: new(base64.StdEncoding.EncodeToString([]byte("uuser:pass"))),
+								ProxyEndpoint:      new("foo"),
 								ExpiresAt:          &t,
 							},
 						},
@@ -134,7 +133,7 @@ spec:
 					t := time.Unix(5678, 0)
 					return &ecrpublic.GetAuthorizationTokenOutput{
 						AuthorizationData: &ecrpublictypes.AuthorizationData{
-							AuthorizationToken: utilpointer.To(base64.StdEncoding.EncodeToString([]byte("pubuser:pubpass"))),
+							AuthorizationToken: new(base64.StdEncoding.EncodeToString([]byte("pubuser:pubpass"))),
 							ExpiresAt:          &t,
 						},
 					}, nil

providers/v2/aws/store/parameterstore/parameterstore.go

@@ -31,7 +31,6 @@ import (
 	"github.com/tidwall/gjson"
 	corev1 "k8s.io/api/core/v1"
 	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
-	"k8s.io/utils/ptr"
 	ctrl "sigs.k8s.io/controller-runtime"
 
 	esv1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1"
@@ -219,18 +218,18 @@ func (pm *ParameterStore) PushSecret(ctx context.Context, secret *corev1.Secret,
 
 	for k, v := range meta.Spec.Tags {
 		tags = append(tags, ssmTypes.Tag{
-			Key:   ptr.To(k),
-			Value: ptr.To(v),
+			Key:   new(k),
+			Value: new(v),
 		})
 	}
 
 	secretName := pm.prefix + data.GetRemoteKey()
 	secretRequest := ssm.PutParameterInput{
-		Name:        ptr.To(pm.prefix + data.GetRemoteKey()),
-		Value:       ptr.To(string(value)),
+		Name:        new(pm.prefix + data.GetRemoteKey()),
+		Value:       new(string(value)),
 		Type:        meta.Spec.SecretType,
-		Overwrite:   ptr.To(true),
-		Description: ptr.To(meta.Spec.Description),
+		Overwrite:   new(true),
+		Description: new(meta.Spec.Description),
 	}
 
 	if meta.Spec.SecretType == "SecureString" {
@@ -240,7 +239,7 @@ func (pm *ParameterStore) PushSecret(ctx context.Context, secret *corev1.Secret,
 	if meta.Spec.Tier.Type == ssmTypes.ParameterTierAdvanced {
 		secretRequest.Tier = meta.Spec.Tier.Type
 		if meta.Spec.Tier.Policies != nil {
-			secretRequest.Policies = ptr.To(string(meta.Spec.Tier.Policies.Raw))
+			secretRequest.Policies = new(string(meta.Spec.Tier.Policies.Raw))
 		}
 	}
 
@@ -467,9 +466,9 @@ func (pm *ParameterStore) findByTags(ctx context.Context, ref esv1.ExternalSecre
 	filters := make([]ssmTypes.ParameterStringFilter, 0)
 	for k, v := range ref.Tags {
 		filters = append(filters, ssmTypes.ParameterStringFilter{
-			Key:    ptr.To(fmt.Sprintf("tag:%s", k)),
+			Key:    new(fmt.Sprintf("tag:%s", k)),
 			Values: []string{v},
-			Option: ptr.To("Equals"),
+			Option: new("Equals"),
 		})
 	}
 
@@ -511,7 +510,7 @@ func (pm *ParameterStore) findByTags(ctx context.Context, ref esv1.ExternalSecre
 
 func (pm *ParameterStore) fetchAndSet(ctx context.Context, data map[string][]byte, name string) error {
 	out, err := pm.client.GetParameter(ctx, &ssm.GetParameterInput{
-		Name:           ptr.To(name),
+		Name:           new(name),
 		WithDecryption: aws.Bool(true),
 	})
 	metrics.ObserveAPICall(constants.ProviderAWSPS, constants.CallAWSPSGetParameter, err)
@@ -703,8 +702,8 @@ func computeTagsToUpdate(tags, metaTags map[string]string) ([]ssmTypes.Tag, bool
 			}
 		}
 		result = append(result, ssmTypes.Tag{
-			Key:   ptr.To(k),
-			Value: ptr.To(v),
+			Key:   new(k),
+			Value: new(v),
 		})
 	}
 	return result, modified

providers/v2/aws/store/parameterstore/parameterstore_test.go

@@ -31,7 +31,6 @@ import (
 	corev1 "k8s.io/api/core/v1"
 	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/utils/ptr"
 
 	esv1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1"
 	fakeps "github.com/external-secrets/external-secrets/providers/v1/aws/parameterstore/fake"
@@ -627,8 +626,8 @@ func TestPushSecret(t *testing.T) {
 					DescribeParametersFn: fakeps.NewDescribeParametersFn(&ssm.DescribeParametersOutput{}, nil),
 					ListTagsForResourceFn: fakeps.NewListTagsForResourceFn(&ssm.ListTagsForResourceOutput{
 						TagList: []ssmtypes.Tag{managedByESO,
-							{Key: ptr.To("team"), Value: ptr.To("no-longer-needed")},
-							{Key: ptr.To("rotation"), Value: ptr.To("10m")},
+							{Key: new("team"), Value: new("no-longer-needed")},
+							{Key: new("rotation"), Value: new("10m")},
 						},
 					}, nil),
 					RemoveTagsFromResourceFn: fakeps.NewRemoveTagsFromResourceFn(&ssm.RemoveTagsFromResourceOutput{}, nil, func(input *ssm.RemoveTagsFromResourceInput) {
@@ -638,8 +637,8 @@ func TestPushSecret(t *testing.T) {
 					AddTagsToResourceFn: fakeps.NewAddTagsToResourceFn(&ssm.AddTagsToResourceOutput{}, nil, func(input *ssm.AddTagsToResourceInput) {
 						assert.Len(t, input.Tags, 3)
 						assert.Contains(t, input.Tags, ssmtypes.Tag{Key: &managedBy, Value: &externalSecrets})
-						assert.Contains(t, input.Tags, ssmtypes.Tag{Key: ptr.To("env"), Value: ptr.To("sandbox")})
-						assert.Contains(t, input.Tags, ssmtypes.Tag{Key: ptr.To("rotation"), Value: ptr.To("1h")})
+						assert.Contains(t, input.Tags, ssmtypes.Tag{Key: new("env"), Value: new("sandbox")})
+						assert.Contains(t, input.Tags, ssmtypes.Tag{Key: new("rotation"), Value: new("1h")})
 					}),
 				},
 			},
@@ -1228,8 +1227,8 @@ func TestComputeTagsToUpdate(t *testing.T) {
 				"key2": "value2",
 			},
 			expected: []ssmtypes.Tag{
-				{Key: ptr.To("key1"), Value: ptr.To("value1")},
-				{Key: ptr.To("key2"), Value: ptr.To("value2")},
+				{Key: new("key1"), Value: new("value1")},
+				{Key: new("key2"), Value: new("value2")},
 			},
 			modified: false,
 		},
@@ -1245,9 +1244,9 @@ func TestComputeTagsToUpdate(t *testing.T) {
 				managedBy: externalSecrets,
 			},
 			expected: []ssmtypes.Tag{
-				{Key: ptr.To("key1"), Value: ptr.To("value1")},
-				{Key: ptr.To("key2"), Value: ptr.To("value2")},
-				{Key: ptr.To(managedBy), Value: ptr.To(externalSecrets)},
+				{Key: new("key1"), Value: new("value1")},
+				{Key: new("key2"), Value: new("value2")},
+				{Key: new(managedBy), Value: new(externalSecrets)},
 			},
 			modified: false,
 		},
@@ -1261,8 +1260,8 @@ func TestComputeTagsToUpdate(t *testing.T) {
 				"key2": "value2",
 			},
 			expected: []ssmtypes.Tag{
-				{Key: ptr.To("key1"), Value: ptr.To("value1")},
-				{Key: ptr.To("key2"), Value: ptr.To("value2")},
+				{Key: new("key1"), Value: new("value1")},
+				{Key: new("key2"), Value: new("value2")},
 			},
 			modified: true,
 		},
@@ -1275,7 +1274,7 @@ func TestComputeTagsToUpdate(t *testing.T) {
 				"key1": "newValue",
 			},
 			expected: []ssmtypes.Tag{
-				{Key: ptr.To("key1"), Value: ptr.To("newValue")},
+				{Key: new("key1"), Value: new("newValue")},
 			},
 			modified: true,
 		},
@@ -1293,7 +1292,7 @@ func TestComputeTagsToUpdate(t *testing.T) {
 				"key1": "value1",
 			},
 			expected: []ssmtypes.Tag{
-				{Key: ptr.To("key1"), Value: ptr.To("value1")},
+				{Key: new("key1"), Value: new("value1")},
 			},
 			modified: true,
 		},

providers/v2/aws/store/secretsmanager/fake/fake.go

@@ -28,7 +28,6 @@ import (
 	awssm "github.com/aws/aws-sdk-go-v2/service/secretsmanager"
 	"github.com/google/go-cmp/cmp"
 	"github.com/google/go-cmp/cmp/cmpopts"
-	"k8s.io/utils/ptr"
 )
 
 // Client implements the aws secretsmanager interface.
@@ -89,7 +88,7 @@ func (sm *Client) DeleteSecret(ctx context.Context, input *awssm.DeleteSecretInp
 func NewDeleteSecretFn(output *awssm.DeleteSecretOutput, err error) DeleteSecretFn {
 	return func(_ context.Context, input *awssm.DeleteSecretInput, opts ...func(*awssm.Options)) (*awssm.DeleteSecretOutput, error) {
 		if input.ForceDeleteWithoutRecovery != nil && *input.ForceDeleteWithoutRecovery {
-			output.DeletionDate = ptr.To(time.Now())
+			output.DeletionDate = new(time.Now())
 		}
 		return output, err
 	}

providers/v2/aws/store/secretsmanager/secretsmanager.go

@@ -35,7 +35,6 @@ import (
 	"github.com/tidwall/sjson"
 	corev1 "k8s.io/api/core/v1"
 	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
-	utilpointer "k8s.io/utils/ptr"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 
@@ -494,9 +493,8 @@ func (sm *SecretsManager) retrievePayload(secretOut *awssm.GetSecretValueOutput)
 
 func (sm *SecretsManager) escapeDotsIfRequired(currentRefProperty, payload string) string {
 	// We need to search if a given key with a . exists before using gjson operations.
-	idx := strings.Index(currentRefProperty, ".")
 	refProperty := currentRefProperty
-	if idx > -1 {
+	if strings.Contains(currentRefProperty, ".") {
 		refProperty = strings.ReplaceAll(currentRefProperty, ".", "\\.")
 		val := gjson.Get(payload, refProperty)
 		if !val.Exists() {
@@ -566,8 +564,8 @@ func (sm *SecretsManager) createSecretWithContext(ctx context.Context, secretNam
 
 	for k, v := range mdata.Spec.Tags {
 		tags = append(tags, types.Tag{
-			Key:   utilpointer.To(k),
-			Value: utilpointer.To(v),
+			Key:   new(k),
+			Value: new(v),
 		})
 	}
 
@@ -575,9 +573,9 @@ func (sm *SecretsManager) createSecretWithContext(ctx context.Context, secretNam
 		Name:               &secretName,
 		SecretBinary:       value,
 		Tags:               tags,
-		Description:        utilpointer.To(mdata.Spec.Description),
-		ClientRequestToken: utilpointer.To(initialVersion),
-		KmsKeyId:           utilpointer.To(mdata.Spec.KMSKeyID),
+		Description:        new(mdata.Spec.Description),
+		ClientRequestToken: new(initialVersion),
+		KmsKeyId:           new(mdata.Spec.KMSKeyID),
 	}
 	if mdata.Spec.SecretPushFormat == SecretPushFormatString {
 		input.SecretBinary = nil
@@ -758,8 +756,7 @@ func (sm *SecretsManager) constructSecretValue(ctx context.Context, key, ver str
 	}
 
 	var getSecretValueInput *awssm.GetSecretValueInput
-	if strings.HasPrefix(ver, "uuid/") {
-		versionID := strings.TrimPrefix(ver, "uuid/")
+	if versionID, ok := strings.CutPrefix(ver, "uuid/"); ok {
 		getSecretValueInput = &awssm.GetSecretValueInput{
 			SecretId:  &key,
 			VersionId: &versionID,
@@ -959,8 +956,8 @@ func computeTagsToUpdate(tags, metaTags map[string]string) ([]types.Tag, bool) {
 			}
 		}
 		result = append(result, types.Tag{
-			Key:   utilpointer.To(k),
-			Value: utilpointer.To(v),
+			Key:   new(k),
+			Value: new(v),
 		})
 	}
 	return result, modified

providers/v2/aws/store/secretsmanager/secretsmanager_test.go

@@ -36,7 +36,6 @@ import (
 	corev1 "k8s.io/api/core/v1"
 	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/utils/ptr"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	clientfake "sigs.k8s.io/controller-runtime/pkg/client/fake"
 
@@ -462,8 +461,8 @@ func TestSetSecret(t *testing.T) {
 			Value: &externalSecrets,
 		},
 		{
-			Key:   ptr.To("taname1"),
-			Value: ptr.To("tagvalue1"),
+			Key:   new("taname1"),
+			Value: new("tagvalue1"),
 		},
 	}
 
@@ -1014,14 +1013,14 @@ func TestSetSecret(t *testing.T) {
 						ARN: &arn,
 						Tags: []types.Tag{
 							{Key: &managedBy, Value: &externalSecrets},
-							{Key: ptr.To("team"), Value: ptr.To("paradox")},
+							{Key: new("team"), Value: new("paradox")},
 						},
 					}, nil),
 					PutSecretValueFn: fakesm.NewPutSecretValueFn(putSecretOutput, nil),
 					TagResourceFn: fakesm.NewTagResourceFn(&awssm.TagResourceOutput{}, nil, func(input *awssm.TagResourceInput) {
 						assert.Len(t, input.Tags, 2)
 						assert.Contains(t, input.Tags, types.Tag{Key: &managedBy, Value: &externalSecrets})
-						assert.Contains(t, input.Tags, types.Tag{Key: ptr.To("env"), Value: ptr.To("sandbox")})
+						assert.Contains(t, input.Tags, types.Tag{Key: new("env"), Value: new("sandbox")})
 					}),
 					UntagResourceFn: fakesm.NewUntagResourceFn(&awssm.UntagResourceOutput{}, nil, func(input *awssm.UntagResourceInput) {
 						assert.Len(t, input.TagKeys, 1)
@@ -1557,7 +1556,7 @@ func TestSecretsManagerGetAllSecrets(t *testing.T) {
 				Name: &esv1.FindName{
 					RegExp: secretName,
 				},
-				Path: ptr.To(secretPath),
+				Path: new(secretPath),
 			},
 			secretName:    secretName,
 			secretVersion: secretVersion,
@@ -1569,7 +1568,7 @@ func TestSecretsManagerGetAllSecrets(t *testing.T) {
 				return &awssm.BatchGetSecretValueOutput{
 					SecretValues: []types.SecretValueEntry{
 						{
-							Name:          ptr.To(secretName),
+							Name:          new(secretName),
 							VersionStages: []string{secretVersion},
 							SecretBinary:  []byte(secretValue),
 						},
@@ -1587,7 +1586,7 @@ func TestSecretsManagerGetAllSecrets(t *testing.T) {
 				Name: &esv1.FindName{
 					RegExp: secretName,
 				},
-				Path: ptr.To(secretPath),
+				Path: new(secretPath),
 			},
 			secretName:    secretName,
 			secretVersion: secretVersion,
@@ -1596,7 +1595,7 @@ func TestSecretsManagerGetAllSecrets(t *testing.T) {
 				return &awssm.BatchGetSecretValueOutput{
 					SecretValues: []types.SecretValueEntry{
 						{
-							Name: ptr.To(secretName),
+							Name: new(secretName),
 						},
 					},
 				}, errBoom
@@ -1628,7 +1627,7 @@ func TestSecretsManagerGetAllSecrets(t *testing.T) {
 				return &awssm.ListSecretsOutput{
 					SecretList: []types.SecretListEntry{
 						{
-							Name: ptr.To("other-secret"),
+							Name: new("other-secret"),
 						},
 					},
 				}, nil
@@ -1637,7 +1636,7 @@ func TestSecretsManagerGetAllSecrets(t *testing.T) {
 				return &awssm.BatchGetSecretValueOutput{
 					SecretValues: []types.SecretValueEntry{
 						{
-							Name: ptr.To("other-secret"),
+							Name: new("other-secret"),
 						},
 					},
 				}, nil
@@ -1673,7 +1672,7 @@ func TestSecretsManagerGetAllSecrets(t *testing.T) {
 				return &awssm.BatchGetSecretValueOutput{
 					SecretValues: []types.SecretValueEntry{
 						{
-							Name:          ptr.To(secretName),
+							Name:          new(secretName),
 							VersionStages: []string{secretVersion},
 							SecretBinary:  []byte(secretValue),
 						},
@@ -1696,18 +1695,18 @@ func TestSecretsManagerGetAllSecrets(t *testing.T) {
 			listSecretsFn: func(_ context.Context, input *awssm.ListSecretsInput, _ ...func(*awssm.Options)) (*awssm.ListSecretsOutput, error) {
 				allSecrets := []types.SecretListEntry{
 					{
-						Name: ptr.To(secretName),
+						Name: new(secretName),
 						Tags: []types.Tag{
-							{Key: ptr.To("foo"), Value: ptr.To("bar")},
+							{Key: new("foo"), Value: new("bar")},
 						},
 					},
 					{
-						Name: ptr.To(fmt.Sprintf("%ssomeothertext", secretName)),
+						Name: new(fmt.Sprintf("%ssomeothertext", secretName)),
 					},
 					{
-						Name: ptr.To("unmatched-secret"),
+						Name: new("unmatched-secret"),
 						Tags: []types.Tag{
-							{Key: ptr.To("foo"), Value: ptr.To("bar")},
+							{Key: new("foo"), Value: new("bar")},
 						},
 					},
 				}
@@ -1759,20 +1758,20 @@ func TestSecretsManagerGetAllSecrets(t *testing.T) {
 			getSecretValueFn: func(_ context.Context, input *awssm.GetSecretValueInput, _ ...func(*awssm.Options)) (*awssm.GetSecretValueOutput, error) {
 				if *input.SecretId == secretName {
 					return &awssm.GetSecretValueOutput{
-						Name:          ptr.To(secretName),
+						Name:          new(secretName),
 						VersionStages: []string{secretVersion},
 						SecretBinary:  []byte(secretValue),
 					}, nil
 				}
 				if *input.SecretId == "unmatched-secret" {
 					return &awssm.GetSecretValueOutput{
-						Name:          ptr.To("unmatched-secret"),
+						Name:          new("unmatched-secret"),
 						VersionStages: []string{secretVersion},
 						SecretBinary:  []byte("othervalue"),
 					}, nil
 				}
 				return &awssm.GetSecretValueOutput{
-					Name:          ptr.To(fmt.Sprintf("%ssomeothertext", secretName)),
+					Name:          new(fmt.Sprintf("%ssomeothertext", secretName)),
 					VersionStages: []string{secretVersion},
 					SecretBinary:  []byte("someothervalue"),
 				}, nil
@@ -1794,7 +1793,7 @@ func TestSecretsManagerGetAllSecrets(t *testing.T) {
 				return &awssm.BatchGetSecretValueOutput{
 					SecretValues: []types.SecretValueEntry{
 						{
-							Name:          ptr.To(secretName),
+							Name:          new(secretName),
 							VersionStages: []string{secretVersion},
 							SecretBinary:  []byte(secretValue),
 						},
@@ -2106,8 +2105,8 @@ func TestComputeTagsToUpdate(t *testing.T) {
 				"key2": "value2",
 			},
 			expected: []types.Tag{
-				{Key: ptr.To("key1"), Value: ptr.To("value1")},
-				{Key: ptr.To("key2"), Value: ptr.To("value2")},
+				{Key: new("key1"), Value: new("value1")},
+				{Key: new("key2"), Value: new("value2")},
 			},
 			modified: false,
 		},
@@ -2123,9 +2122,9 @@ func TestComputeTagsToUpdate(t *testing.T) {
 				managedBy: externalSecrets,
 			},
 			expected: []types.Tag{
-				{Key: ptr.To("key1"), Value: ptr.To("value1")},
-				{Key: ptr.To("key2"), Value: ptr.To("value2")},
-				{Key: ptr.To(managedBy), Value: ptr.To(externalSecrets)},
+				{Key: new("key1"), Value: new("value1")},
+				{Key: new("key2"), Value: new("value2")},
+				{Key: new(managedBy), Value: new(externalSecrets)},
 			},
 			modified: false,
 		},
@@ -2139,8 +2138,8 @@ func TestComputeTagsToUpdate(t *testing.T) {
 				"key2": "value2",
 			},
 			expected: []types.Tag{
-				{Key: ptr.To("key1"), Value: ptr.To("value1")},
-				{Key: ptr.To("key2"), Value: ptr.To("value2")},
+				{Key: new("key1"), Value: new("value1")},
+				{Key: new("key2"), Value: new("value2")},
 			},
 			modified: true,
 		},
@@ -2153,7 +2152,7 @@ func TestComputeTagsToUpdate(t *testing.T) {
 				"key1": "newValue",
 			},
 			expected: []types.Tag{
-				{Key: ptr.To("key1"), Value: ptr.To("newValue")},
+				{Key: new("key1"), Value: new("newValue")},
 			},
 			modified: true,
 		},
@@ -2171,7 +2170,7 @@ func TestComputeTagsToUpdate(t *testing.T) {
 				"key1": "value1",
 			},
 			expected: []types.Tag{
-				{Key: ptr.To("key1"), Value: ptr.To("value1")},
+				{Key: new("key1"), Value: new("value1")},
 			},
 			modified: true,
 		},
@@ -2220,8 +2219,8 @@ func TestPatchTags(t *testing.T) {
 			expectUntag:  false,
 			expectTag:    true,
 			assertsTag: func(input *awssm.TagResourceInput) {
-				assert.Contains(t, input.Tags, types.Tag{Key: ptr.To(managedBy), Value: ptr.To(externalSecrets)})
-				assert.Contains(t, input.Tags, types.Tag{Key: ptr.To("a"), Value: ptr.To("2")})
+				assert.Contains(t, input.Tags, types.Tag{Key: new(managedBy), Value: new(externalSecrets)})
+				assert.Contains(t, input.Tags, types.Tag{Key: new("a"), Value: new("2")})
 			},
 			assertsUntag: func(input *awssm.UntagResourceInput) {
 				assert.Fail(t, "Expected UntagResource to not be called")
@@ -2247,9 +2246,9 @@ func TestPatchTags(t *testing.T) {
 			expectUntag:  false,
 			expectTag:    true,
 			assertsTag: func(input *awssm.TagResourceInput) {
-				assert.Contains(t, input.Tags, types.Tag{Key: ptr.To(managedBy), Value: ptr.To(externalSecrets)})
-				assert.Contains(t, input.Tags, types.Tag{Key: ptr.To("a"), Value: ptr.To("1")})
-				assert.Contains(t, input.Tags, types.Tag{Key: ptr.To("b"), Value: ptr.To("2")})
+				assert.Contains(t, input.Tags, types.Tag{Key: new(managedBy), Value: new(externalSecrets)})
+				assert.Contains(t, input.Tags, types.Tag{Key: new("a"), Value: new("1")})
+				assert.Contains(t, input.Tags, types.Tag{Key: new("b"), Value: new("2")})
 			},
 			assertsUntag: func(input *awssm.UntagResourceInput) {
 				assert.Fail(t, "Expected UntagResource to not be called")
@@ -2272,10 +2271,10 @@ func TestPatchTags(t *testing.T) {
 			}
 
 			sm := &SecretsManager{client: fakeClient}
-			metaMap := map[string]interface{}{
+			metaMap := map[string]any{
 				"apiVersion": "kubernetes.external-secrets.io/v1alpha1",
 				"kind":       "PushSecretMetadata",
-				"spec": map[string]interface{}{
+				"spec": map[string]any{
 					"description": "adding managed-by tag explicitly",
 					"tags":        tt.metaTags,
 				},

providers/v2/aws/store/store_test.go

@@ -26,7 +26,6 @@ import (
 	"github.com/stretchr/testify/assert"
 	corev1 "k8s.io/api/core/v1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	pointer "k8s.io/utils/ptr"
 	clientfake "sigs.k8s.io/controller-runtime/pkg/client/fake"
 
 	esv1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1"
@@ -277,7 +276,7 @@ func TestValidateStore(t *testing.T) {
 									SecretRef: &esv1.AWSAuthSecretRef{
 										AccessKeyID: esmeta.SecretKeySelector{
 											Name:      "foobar",
-											Namespace: pointer.To("unacceptable"),
+											Namespace: new("unacceptable"),
 										},
 									},
 								},
@@ -301,7 +300,7 @@ func TestValidateStore(t *testing.T) {
 									SecretRef: &esv1.AWSAuthSecretRef{
 										SecretAccessKey: esmeta.SecretKeySelector{
 											Name:      "foobar",
-											Namespace: pointer.To("unacceptable"),
+											Namespace: new("unacceptable"),
 										},
 									},
 								},
@@ -403,7 +402,7 @@ func TestValidateStore(t *testing.T) {
 									JWTAuth: &esv1.AWSJWTAuth{
 										ServiceAccountRef: &esmeta.ServiceAccountSelector{
 											Name:      "foobar",
-											Namespace: pointer.To("unacceptable"),
+											Namespace: new("unacceptable"),
 										},
 									},
 								},