Update Go and golangci-lint version (#3396)

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>

.github/workflows/ci.yml

@@ -9,8 +9,8 @@ on:
 
 env:
   # Common versions
-  GOLANGCI_VERSION: 'v1.54.2'
-  KUBERNETES_VERSION: '1.28.x'
+  GOLANGCI_VERSION: 'v1.57.2'
+  KUBERNETES_VERSION: '1.30.x'
 
   # Sonar
   SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

.golangci.yaml

@@ -3,7 +3,12 @@ run:
 
 linters-settings:
   gci:
-    local-prefixes: github.com/external-secrets/external-secrets
+    sections:
+      - "standard"
+      - "default"
+      - "prefix(github.com/external-secrets/external-secrets)"
+      - "blank"
+      - "dot"
   goconst:
     min-len: 3
     min-occurrences: 3
@@ -68,7 +73,6 @@ linters:
     - nakedret
     - nolintlint
     - prealloc
-    - revive
     - staticcheck
     - stylecheck
     - typecheck
@@ -77,9 +81,6 @@ linters:
     - unused
     - whitespace
 
-service:
-  golangci-lint-version: 1.33.x
-
 issues:
   # Excluding configuration per-path and per-linter
   exclude-rules:

Makefile

@@ -321,8 +321,8 @@ ENVTEST ?= $(LOCALBIN)/setup-envtest
 GOLANGCI_LINT ?= $(LOCALBIN)/golangci-lint
 
 ## Tool Versions
-GOLANGCI_VERSION := 1.54.2
-KUBERNETES_VERSION := 1.28.x
+GOLANGCI_VERSION := 1.57.2
+KUBERNETES_VERSION := 1.30.x
 TILT_VERSION := 0.33.10
 
 .PHONY: envtest

apis/externalsecrets/v1beta1/fakes/pushremoteref.go

@@ -18,7 +18,7 @@ type PushRemoteRef struct {
 	getRemoteKeyReturnsOnCall map[int]struct {
 		result1 string
 	}
-	invocations      map[string][][]interface{}
+	invocations      map[string][][]any
 	invocationsMutex sync.RWMutex
 }
 
@@ -29,7 +29,7 @@ func (fake *PushRemoteRef) GetRemoteKey() string {
 	}{})
 	stub := fake.GetRemoteKeyStub
 	fakeReturns := fake.getRemoteKeyReturns
-	fake.recordInvocation("GetRemoteKey", []interface{}{})
+	fake.recordInvocation("GetRemoteKey", []any{})
 	fake.getRemoteKeyMutex.Unlock()
 	if stub != nil {
 		return stub()
@@ -79,26 +79,26 @@ func (fake *PushRemoteRef) GetRemoteKeyReturnsOnCall(i int, result1 string) {
 	}{result1}
 }
 
-func (fake *PushRemoteRef) Invocations() map[string][][]interface{} {
+func (fake *PushRemoteRef) Invocations() map[string][][]any {
 	fake.invocationsMutex.RLock()
 	defer fake.invocationsMutex.RUnlock()
 	fake.getRemoteKeyMutex.RLock()
 	defer fake.getRemoteKeyMutex.RUnlock()
-	copiedInvocations := map[string][][]interface{}{}
+	copiedInvocations := map[string][][]any{}
 	for key, value := range fake.invocations {
 		copiedInvocations[key] = value
 	}
 	return copiedInvocations
 }
 
-func (fake *PushRemoteRef) recordInvocation(key string, args []interface{}) {
+func (fake *PushRemoteRef) recordInvocation(key string, args []any) {
 	fake.invocationsMutex.Lock()
 	defer fake.invocationsMutex.Unlock()
 	if fake.invocations == nil {
-		fake.invocations = map[string][][]interface{}{}
+		fake.invocations = map[string][][]any{}
 	}
 	if fake.invocations[key] == nil {
-		fake.invocations[key] = [][]interface{}{}
+		fake.invocations[key] = [][]any{}
 	}
 	fake.invocations[key] = append(fake.invocations[key], args)
 }

apis/externalsecrets/v1beta1/provider_schema.go

@@ -99,7 +99,7 @@ func getProviderName(storeSpec *SecretStoreProvider) (string, error) {
 		return "", fmt.Errorf("failed to marshal store spec: %w", err)
 	}
 
-	storeMap := make(map[string]interface{})
+	storeMap := make(map[string]any)
 	err = json.Unmarshal(storeBytes, &storeMap)
 	if err != nil {
 		return "", fmt.Errorf("failed to unmarshal store spec: %w", err)

cmd/root.go

@@ -26,8 +26,6 @@ import (
 	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	clientgoscheme "k8s.io/client-go/kubernetes/scheme"
-	// To allow using gcp auth.
-	_ "k8s.io/client-go/plugin/pkg/client/auth"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/cache"
 	"sigs.k8s.io/controller-runtime/pkg/client"
@@ -50,6 +48,9 @@ import (
 	"github.com/external-secrets/external-secrets/pkg/controllers/secretstore/cssmetrics"
 	"github.com/external-secrets/external-secrets/pkg/controllers/secretstore/ssmetrics"
 	"github.com/external-secrets/external-secrets/pkg/feature"
+
+	// To allow using gcp auth.
+	_ "k8s.io/client-go/plugin/pkg/client/auth"
 )
 
 var (

design/007-provider-versioning-strategy.md

@@ -66,7 +66,7 @@ Fake Provider Basic Convert function (very similar to other ):
 ```go
 func (p *Provider) Convert(in esv1beta1.GenericStore) (client.Object, error) {
 	out := &prov.Fake{}
-	tmp := map[string]interface{}{
+	tmp := map[string]any{
 		"spec": in.GetSpec().Provider.Fake,
 	}
 	d, err := json.Marshal(tmp)

docs/guides/templating-v1.md

@@ -42,8 +42,8 @@ We provide a bunch of convenience functions that help you transform your secrets
 | jwkPrivateKeyPem | takes an json-serialized JWK as `[]byte` and returns an PEM block of type `PRIVATE KEY` that contains the private key in PKCS #8 format ([see here](https://golang.org/pkg/crypto/x509/#MarshalPKCS8PrivateKey)) for details | `[]byte`                         | `string`      |
 | base64decode   | decodes the provided bytes as base64                                       | `[]byte`                         | `[]byte`      |
 | base64encode   | encodes the provided bytes as base64                                       | `[]byte`                         | `[]byte`      |
-| fromJSON       | parses the bytes as JSON so you can access individual properties           | `[]byte`                         | `interface{}` |
-| toJSON         | encodes the provided object as json string                                 | `interface{}`                    | `string`      |
+| fromJSON       | parses the bytes as JSON so you can access individual properties           | `[]byte`                         | `any` |
+| toJSON         | encodes the provided object as json string                                 | `any`                    | `string`      |
 | toString       | converts bytes to string                                                   | `[]byte`                         | `string`      |
 | toBytes        | converts string to bytes                                                   | `string`                         | `[]byte`      |
 | upper          | converts all characters to their upper case                                | `string`                         | `string`      |

docs/guides/templating.md

@@ -162,7 +162,7 @@ In addition to that you can use over 200+ [sprig functions](http://masterminds.g
 | jwkPublicKeyPem  | Takes an json-serialized JWK and returns an PEM block of type `PUBLIC KEY` that contains the public key. [See here](https://golang.org/pkg/crypto/x509/#MarshalPKIXPublicKey) for details.                                   |
 | jwkPrivateKeyPem | Takes an json-serialized JWK as `string` and returns an PEM block of type `PRIVATE KEY` that contains the private key in PKCS #8 format. [See here](https://golang.org/pkg/crypto/x509/#MarshalPKCS8PrivateKey) for details. |
 | toYaml           | Takes an interface, marshals it to yaml. It returns a string, even on marshal error (empty string).                                                                                                                          |
-| fromYaml         | Function converts a YAML document into a map[string]interface{}.                                                                                                                                                             |
+| fromYaml         | Function converts a YAML document into a map[string]any.                                                                                                                                                             |
 
 ## Migrating from v1
 

e2e/framework/addon/conjur.go

@@ -50,9 +50,9 @@ func NewConjur(namespace string) *Conjur {
 	return &Conjur{
 		dataKey: dataKey,
 		chart: &HelmChart{
-			Namespace:    namespace,
-			ReleaseName:  fmt.Sprintf("conjur-%s", namespace), // avoid cluster role collision
-			Chart:        fmt.Sprintf("%s/conjur-oss", repo),
+			Namespace:   namespace,
+			ReleaseName: fmt.Sprintf("conjur-%s", namespace), // avoid cluster role collision
+			Chart:       fmt.Sprintf("%s/conjur-oss", repo),
 			// Use latest version of Conjur OSS. To pin to a specific version, uncomment the following line.
 			// ChartVersion: "2.0.7",
 			Repo: ChartRepo{
@@ -220,7 +220,7 @@ func (l *Conjur) fetchJWKSandIssuer() (pubKeysJson string, issuer string, err er
 	if err != nil {
 		return "", "", fmt.Errorf("unable to fetch openid-configuration: %w", err)
 	}
-	var openidConfig map[string]interface{}
+	var openidConfig map[string]any
 	json.Unmarshal(res, &openidConfig)
 	issuer = openidConfig["issuer"].(string)
 
@@ -229,11 +229,11 @@ func (l *Conjur) fetchJWKSandIssuer() (pubKeysJson string, issuer string, err er
 	if err != nil {
 		return "", "", fmt.Errorf("unable to fetch jwks: %w", err)
 	}
-	var jwks map[string]interface{}
+	var jwks map[string]any
 	json.Unmarshal(jwksJson, &jwks)
 
 	// Create a JSON object with the jwks that can be used by Conjur
-	pubKeysObj := map[string]interface{}{
+	pubKeysObj := map[string]any{
 		"type":  "jwks",
 		"value": jwks,
 	}

e2e/framework/framework.go

@@ -112,8 +112,8 @@ func Compose(descAppend string, f *Framework, fn func(f *Framework) (string, fun
 	desc, cfn := fn(f)
 	tweaks = append([]func(*TestCase){cfn}, tweaks...)
 
-	// need to convert []func to []interface{}
-	ifs := make([]interface{}, len(tweaks))
+	// need to convert []func to []any
+	ifs := make([]any, len(tweaks))
 	for i := 0; i < len(tweaks); i++ {
 		ifs[i] = tweaks[i]
 	}

e2e/framework/log/log.go

@@ -19,6 +19,6 @@ import (
 )
 
 // Logf logs the format string to ginkgo stdout.
-func Logf(format string, args ...interface{}) {
+func Logf(format string, args ...any) {
 	ginkgo.GinkgoWriter.Printf(format+"\n", args...)
 }

e2e/go.mod

@@ -1,8 +1,8 @@
 module github.com/external-secrets/external-secrets-e2e
 
-go 1.21
+go 1.22
 
-toolchain go1.21.3
+toolchain go1.22.1
 
 replace github.com/external-secrets/external-secrets => ../
 

e2e/suites/provider/cases/delinea/provider.go

@@ -32,7 +32,7 @@ func (p *secretStoreProvider) init(cfg *config) {
 }
 
 func (p *secretStoreProvider) CreateSecret(key string, val framework.SecretEntry) {
-	var data map[string]interface{}
+	var data map[string]any
 	err := json.Unmarshal([]byte(val.Value), &data)
 	gomega.Expect(err).ToNot(gomega.HaveOccurred())
 	_, err = p.api.CreateSecret(key, &vault.SecretCreateRequest{

go.mod

@@ -1,6 +1,6 @@
 module github.com/external-secrets/external-secrets
 
-go 1.21
+go 1.22
 
 require (
 	cloud.google.com/go/iam v1.1.7

pkg/common/webhook/webhook.go

@@ -79,7 +79,7 @@ func (w *Webhook) GetSecretMap(ctx context.Context, provider *Spec, ref *esv1bet
 		return nil, err
 	}
 	// We always want json here, so just parse it out
-	jsondata := interface{}(nil)
+	jsondata := any(nil)
 	if err := json.Unmarshal(result, &jsondata); err != nil {
 		return nil, fmt.Errorf("failed to parse response json: %w", err)
 	}
@@ -100,7 +100,7 @@ func (w *Webhook) GetSecretMap(ctx context.Context, provider *Spec, ref *esv1bet
 		}
 	}
 	// Use the data as a key-value map
-	jsonvalue, ok := jsondata.(map[string]interface{})
+	jsonvalue, ok := jsondata.(map[string]any)
 	if !ok {
 		return nil, fmt.Errorf("failed to get response (wrong type: %T)", jsondata)
 	}

pkg/controllers/clusterexternalsecret/clusterexternalsecret_controller_test.go

@@ -21,8 +21,6 @@ import (
 	"sort"
 	"time"
 
-	. "github.com/onsi/ginkgo/v2"
-	. "github.com/onsi/gomega"
 	v1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
@@ -31,6 +29,9 @@ import (
 	esv1beta1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1beta1"
 	"github.com/external-secrets/external-secrets/pkg/controllers/clusterexternalsecret/cesmetrics"
 	ctrlmetrics "github.com/external-secrets/external-secrets/pkg/controllers/metrics"
+
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
 )
 
 func init() {

pkg/controllers/clusterexternalsecret/suite_test.go

@@ -20,8 +20,6 @@ import (
 	"testing"
 	"time"
 
-	. "github.com/onsi/ginkgo/v2"
-	. "github.com/onsi/gomega"
 	"go.uber.org/zap/zapcore"
 	"k8s.io/client-go/kubernetes/scheme"
 	ctrl "sigs.k8s.io/controller-runtime"
@@ -33,6 +31,9 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/metrics/server"
 
 	esv1beta1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1beta1"
+
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
 )
 
 // These tests use Ginkgo (BDD-style Go testing framework). Refer to

pkg/controllers/crds/common_test.go

@@ -18,8 +18,6 @@ import (
 	"context"
 	"time"
 
-	. "github.com/onsi/ginkgo/v2"
-	. "github.com/onsi/gomega"
 	corev1 "k8s.io/api/core/v1"
 	apiextensions "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
@@ -27,6 +25,9 @@ import (
 	"k8s.io/apimachinery/pkg/types"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
+
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
 )
 
 type testCase struct {

pkg/controllers/crds/suite_test.go

@@ -20,8 +20,6 @@ import (
 	"testing"
 	"time"
 
-	. "github.com/onsi/ginkgo/v2"
-	. "github.com/onsi/gomega"
 	"k8s.io/client-go/kubernetes/scheme"
 	"k8s.io/client-go/rest"
 	ctrl "sigs.k8s.io/controller-runtime"
@@ -33,6 +31,9 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/metrics/server"
 
 	esapi "github.com/external-secrets/external-secrets/apis/externalsecrets/v1beta1"
+
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
 )
 
 var cfg *rest.Config

pkg/controllers/externalsecret/externalsecret_controller.go

@@ -41,11 +41,12 @@ import (
 	// Metrics.
 	"github.com/external-secrets/external-secrets/pkg/controllers/externalsecret/esmetrics"
 	ctrlmetrics "github.com/external-secrets/external-secrets/pkg/controllers/metrics"
+	"github.com/external-secrets/external-secrets/pkg/utils"
+
 	// Loading registered generators.
 	_ "github.com/external-secrets/external-secrets/pkg/generator/register"
 	// Loading registered providers.
 	_ "github.com/external-secrets/external-secrets/pkg/provider/register"
-	"github.com/external-secrets/external-secrets/pkg/utils"
 )
 
 const (
@@ -440,12 +441,12 @@ func (r *Reconciler) patchSecret(ctx context.Context, secret *v1.Secret, mutatio
 }
 
 func getManagedDataKeys(secret *v1.Secret, fieldOwner string) ([]string, error) {
-	return getManagedFieldKeys(secret, fieldOwner, func(fields map[string]interface{}) []string {
+	return getManagedFieldKeys(secret, fieldOwner, func(fields map[string]any) []string {
 		dataFields := fields["f:data"]
 		if dataFields == nil {
 			return nil
 		}
-		df, ok := dataFields.(map[string]interface{})
+		df, ok := dataFields.(map[string]any)
 		if !ok {
 			return nil
 		}
@@ -460,7 +461,7 @@ func getManagedDataKeys(secret *v1.Secret, fieldOwner string) ([]string, error)
 func getManagedFieldKeys(
 	secret *v1.Secret,
 	fieldOwner string,
-	process func(fields map[string]interface{}) []string,
+	process func(fields map[string]any) []string,
 ) ([]string, error) {
 	fqdn := fmt.Sprintf(fieldOwnerTemplate, fieldOwner)
 	var keys []string
@@ -468,7 +469,7 @@ func getManagedFieldKeys(
 		if v.Manager != fqdn {
 			continue
 		}
-		fields := make(map[string]interface{})
+		fields := make(map[string]any)
 		err := json.Unmarshal(v.FieldsV1.Raw, &fields)
 		if err != nil {
 			return nil, fmt.Errorf("error unmarshaling managed fields: %w", err)

pkg/controllers/externalsecret/externalsecret_controller_secret.go

@@ -32,10 +32,11 @@ import (
 	genv1alpha1 "github.com/external-secrets/external-secrets/apis/generators/v1alpha1"
 	// Loading registered providers.
 	"github.com/external-secrets/external-secrets/pkg/controllers/secretstore"
+	"github.com/external-secrets/external-secrets/pkg/utils"
+
 	// Loading registered generators.
 	_ "github.com/external-secrets/external-secrets/pkg/generator/register"
 	_ "github.com/external-secrets/external-secrets/pkg/provider/register"
-	"github.com/external-secrets/external-secrets/pkg/utils"
 )
 
 // getProviderSecretData returns the provider's secret data with the provided ExternalSecret.

pkg/controllers/externalsecret/externalsecret_controller_template.go

@@ -22,9 +22,10 @@ import (
 
 	esv1beta1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1beta1"
 	"github.com/external-secrets/external-secrets/pkg/controllers/templating"
-	_ "github.com/external-secrets/external-secrets/pkg/provider/register" // Loading registered providers.
 	"github.com/external-secrets/external-secrets/pkg/template"
 	"github.com/external-secrets/external-secrets/pkg/utils"
+
+	_ "github.com/external-secrets/external-secrets/pkg/provider/register" // Loading registered providers.
 )
 
 // merge template in the following order:

pkg/controllers/externalsecret/externalsecret_controller_test.go

@@ -25,8 +25,6 @@ import (
 
 	"github.com/google/go-cmp/cmp"
 	"github.com/google/go-cmp/cmp/cmpopts"
-	. "github.com/onsi/ginkgo/v2"
-	. "github.com/onsi/gomega"
 	"github.com/prometheus/client_golang/prometheus"
 	dto "github.com/prometheus/client_model/go"
 	v1 "k8s.io/api/core/v1"
@@ -43,6 +41,9 @@ import (
 	ctrlmetrics "github.com/external-secrets/external-secrets/pkg/controllers/metrics"
 	"github.com/external-secrets/external-secrets/pkg/provider/testing/fake"
 	"github.com/external-secrets/external-secrets/pkg/utils"
+
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
 )
 
 var (

pkg/controllers/externalsecret/suite_test.go

@@ -20,8 +20,6 @@ import (
 	"testing"
 	"time"
 
-	. "github.com/onsi/ginkgo/v2"
-	. "github.com/onsi/gomega"
 	"go.uber.org/zap/zapcore"
 	"k8s.io/client-go/kubernetes/scheme"
 	"k8s.io/client-go/rest"
@@ -35,6 +33,9 @@ import (
 
 	esv1beta1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1beta1"
 	genv1alpha1 "github.com/external-secrets/external-secrets/apis/generators/v1alpha1"
+
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
 )
 
 // These tests use Ginkgo (BDD-style Go testing framework). Refer to

pkg/controllers/pushsecret/pushsecret_controller_template.go

@@ -23,9 +23,10 @@ import (
 	"github.com/external-secrets/external-secrets/apis/externalsecrets/v1alpha1"
 	esv1beta1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1beta1"
 	"github.com/external-secrets/external-secrets/pkg/controllers/templating"
-	_ "github.com/external-secrets/external-secrets/pkg/provider/register" // Loading registered providers.
 	"github.com/external-secrets/external-secrets/pkg/template"
 	"github.com/external-secrets/external-secrets/pkg/utils"
+
+	_ "github.com/external-secrets/external-secrets/pkg/provider/register" // Loading registered providers.
 )
 
 const (

pkg/controllers/pushsecret/pushsecret_controller_test.go

@@ -22,8 +22,6 @@ import (
 	"strconv"
 	"time"
 
-	. "github.com/onsi/ginkgo/v2"
-	. "github.com/onsi/gomega"
 	v1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
@@ -34,6 +32,9 @@ import (
 	ctest "github.com/external-secrets/external-secrets/pkg/controllers/commontest"
 	"github.com/external-secrets/external-secrets/pkg/controllers/pushsecret/psmetrics"
 	"github.com/external-secrets/external-secrets/pkg/provider/testing/fake"
+
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
 )
 
 var (

pkg/controllers/pushsecret/suite_test.go

@@ -20,8 +20,6 @@ import (
 	"testing"
 	"time"
 
-	. "github.com/onsi/ginkgo/v2"
-	. "github.com/onsi/gomega"
 	"go.uber.org/zap/zapcore"
 	"k8s.io/client-go/kubernetes/scheme"
 	"k8s.io/client-go/rest"
@@ -34,6 +32,9 @@ import (
 
 	esv1alpha1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1alpha1"
 	esv1beta1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1beta1"
+
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
 )
 
 // These tests use Ginkgo (BDD-style Go testing framework). Refer to

pkg/controllers/secretstore/clustersecretstore_controller.go

@@ -28,6 +28,7 @@ import (
 	esapi "github.com/external-secrets/external-secrets/apis/externalsecrets/v1beta1"
 	ctrlmetrics "github.com/external-secrets/external-secrets/pkg/controllers/metrics"
 	"github.com/external-secrets/external-secrets/pkg/controllers/secretstore/cssmetrics"
+
 	// Loading registered providers.
 	_ "github.com/external-secrets/external-secrets/pkg/provider/register"
 )

pkg/controllers/secretstore/common_test.go

@@ -18,13 +18,14 @@ import (
 	"context"
 	"time"
 
-	. "github.com/onsi/ginkgo/v2"
-	. "github.com/onsi/gomega"
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 
 	esapi "github.com/external-secrets/external-secrets/apis/externalsecrets/v1beta1"
+
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
 )
 
 type testCase struct {

pkg/controllers/secretstore/secretstore_controller.go

@@ -29,6 +29,7 @@ import (
 	esapi "github.com/external-secrets/external-secrets/apis/externalsecrets/v1beta1"
 	ctrlmetrics "github.com/external-secrets/external-secrets/pkg/controllers/metrics"
 	"github.com/external-secrets/external-secrets/pkg/controllers/secretstore/ssmetrics"
+
 	// Loading registered providers.
 	_ "github.com/external-secrets/external-secrets/pkg/provider/register"
 )

pkg/controllers/secretstore/suite_test.go

@@ -19,8 +19,6 @@ import (
 	"path/filepath"
 	"testing"
 
-	. "github.com/onsi/ginkgo/v2"
-	. "github.com/onsi/gomega"
 	"k8s.io/client-go/kubernetes/scheme"
 	"k8s.io/client-go/rest"
 	ctrl "sigs.k8s.io/controller-runtime"
@@ -35,6 +33,9 @@ import (
 	ctrlmetrics "github.com/external-secrets/external-secrets/pkg/controllers/metrics"
 	"github.com/external-secrets/external-secrets/pkg/controllers/secretstore/cssmetrics"
 	"github.com/external-secrets/external-secrets/pkg/controllers/secretstore/ssmetrics"
+
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
 )
 
 var cfg *rest.Config

pkg/controllers/templating/parser.go

@@ -151,12 +151,12 @@ func (p *Parser) MergeMap(tplMap map[string]string, target esv1beta1.TemplateTar
 }
 
 func GetManagedAnnotationKeys(secret *v1.Secret, fieldOwner string) ([]string, error) {
-	return getManagedFieldKeys(secret, fieldOwner, func(fields map[string]interface{}) []string {
+	return getManagedFieldKeys(secret, fieldOwner, func(fields map[string]any) []string {
 		metadataFields, exists := fields["f:metadata"]
 		if !exists {
 			return nil
 		}
-		mf, ok := metadataFields.(map[string]interface{})
+		mf, ok := metadataFields.(map[string]any)
 		if !ok {
 			return nil
 		}
@@ -164,7 +164,7 @@ func GetManagedAnnotationKeys(secret *v1.Secret, fieldOwner string) ([]string, e
 		if !exists {
 			return nil
 		}
-		af, ok := annotationFields.(map[string]interface{})
+		af, ok := annotationFields.(map[string]any)
 		if !ok {
 			return nil
 		}
@@ -177,12 +177,12 @@ func GetManagedAnnotationKeys(secret *v1.Secret, fieldOwner string) ([]string, e
 }
 
 func GetManagedLabelKeys(secret *v1.Secret, fieldOwner string) ([]string, error) {
-	return getManagedFieldKeys(secret, fieldOwner, func(fields map[string]interface{}) []string {
+	return getManagedFieldKeys(secret, fieldOwner, func(fields map[string]any) []string {
 		metadataFields, exists := fields["f:metadata"]
 		if !exists {
 			return nil
 		}
-		mf, ok := metadataFields.(map[string]interface{})
+		mf, ok := metadataFields.(map[string]any)
 		if !ok {
 			return nil
 		}
@@ -190,7 +190,7 @@ func GetManagedLabelKeys(secret *v1.Secret, fieldOwner string) ([]string, error)
 		if !exists {
 			return nil
 		}
-		lf, ok := labelFields.(map[string]interface{})
+		lf, ok := labelFields.(map[string]any)
 		if !ok {
 			return nil
 		}
@@ -205,7 +205,7 @@ func GetManagedLabelKeys(secret *v1.Secret, fieldOwner string) ([]string, error)
 func getManagedFieldKeys(
 	secret *v1.Secret,
 	fieldOwner string,
-	process func(fields map[string]interface{}) []string,
+	process func(fields map[string]any) []string,
 ) ([]string, error) {
 	fqdn := fmt.Sprintf(fieldOwnerTemplate, fieldOwner)
 	var keys []string
@@ -213,7 +213,7 @@ func getManagedFieldKeys(
 		if v.Manager != fqdn {
 			continue
 		}
-		fields := make(map[string]interface{})
+		fields := make(map[string]any)
 		err := json.Unmarshal(v.FieldsV1.Raw, &fields)
 		if err != nil {
 			return nil, fmt.Errorf("error unmarshaling managed fields: %w", err)

pkg/controllers/webhookconfig/suite_test.go

@@ -20,8 +20,6 @@ import (
 	"testing"
 	"time"
 
-	. "github.com/onsi/ginkgo/v2"
-	. "github.com/onsi/gomega"
 	"k8s.io/client-go/kubernetes/scheme"
 	"k8s.io/client-go/rest"
 	ctrl "sigs.k8s.io/controller-runtime"
@@ -33,6 +31,9 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/metrics/server"
 
 	esapi "github.com/external-secrets/external-secrets/apis/externalsecrets/v1beta1"
+
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
 )
 
 var cfg *rest.Config

pkg/controllers/webhookconfig/webhookconfig_test.go

@@ -19,13 +19,14 @@ import (
 	"context"
 	"time"
 
-	. "github.com/onsi/ginkgo/v2"
-	. "github.com/onsi/gomega"
 	admissionregistration "k8s.io/api/admissionregistration/v1"
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 	pointer "k8s.io/utils/ptr"
+
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
 )
 
 const defaultCACert = `-----BEGIN CERTIFICATE-----

pkg/generator/github/github.go

@@ -94,7 +94,7 @@ func (g *Generator) generate(
 	defer resp.Body.Close()
 
 	// git access token
-	var gat map[string]interface{}
+	var gat map[string]any
 	if err := json.NewDecoder(resp.Body).Decode(&gat); err != nil && resp.StatusCode >= 200 && resp.StatusCode < 300 {
 		return nil, fmt.Errorf("error decoding response: %w", err)
 	}

pkg/generator/register/register.go

@@ -12,7 +12,6 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-//nolint:revive
 package register
 
 // packages imported here are registered to the controller schema.

pkg/generator/vault/vault.go

@@ -83,7 +83,7 @@ func (g *Generator) generate(ctx context.Context, c *provider.Provider, jsonSpec
 	} else if res.Spec.Method == "DELETE" {
 		result, err = cl.Logical().DeleteWithContext(ctx, res.Spec.Path)
 	} else {
-		params := make(map[string]interface{})
+		params := make(map[string]any)
 		if res.Spec.Parameters != nil {
 			err = json.Unmarshal(res.Spec.Parameters.Raw, &params)
 			if err != nil {
@@ -99,7 +99,7 @@ func (g *Generator) generate(ctx context.Context, c *provider.Provider, jsonSpec
 		return nil, fmt.Errorf(errGetSecret, fmt.Errorf("empty response from Vault"))
 	}
 
-	data := make(map[string]interface{})
+	data := make(map[string]any)
 	response := make(map[string][]byte)
 	if res.Spec.ResultType == genv1alpha1.VaultDynamicSecretResultTypeAuth {
 		authJSON, err := json.Marshal(result.Auth)

pkg/provider/akeyless/akeyless_api.go

@@ -183,7 +183,7 @@ func (a *akeylessBase) GetRotatedSecrets(ctx context.Context, secretName, token
 
 	valI, ok := gsvOut["value"]
 	if ok {
-		val, convert := valI.(map[string]interface{})
+		val, convert := valI.(map[string]any)
 		if !convert {
 			return "", fmt.Errorf("failure converting key from gsvOut")
 		}

pkg/provider/alibaba/client.go

@@ -161,7 +161,7 @@ func (s *secretsManagerClient) doAPICall(ctx context.Context,
 	return s.parseResponse(resp)
 }
 
-func (s *secretsManagerClient) parseResponse(resp *http.Response) (map[string]interface{}, error) {
+func (s *secretsManagerClient) parseResponse(resp *http.Response) (map[string]any, error) {
 	statusCode := utils.Ptr(resp.StatusCode)
 	if utils.Deref(util.Is4xx(statusCode)) || utils.Deref(util.Is5xx(statusCode)) {
 		return nil, s.parseErrorResponse(resp)
@@ -192,7 +192,7 @@ func (s *secretsManagerClient) parseErrorResponse(resp *http.Response) error {
 	}
 
 	errorMap["statusCode"] = utils.Ptr(resp.StatusCode)
-	err = tea.NewSDKError(map[string]interface{}{
+	err = tea.NewSDKError(map[string]any{
 		"code":               tea.ToString(defaultAny(errorMap["Code"], errorMap["code"])),
 		"message":            fmt.Sprintf("code: %s, %s", tea.ToString(resp.StatusCode), tea.ToString(defaultAny(errorMap["Message"], errorMap["message"]))),
 		"data":               errorMap,
@@ -222,7 +222,7 @@ type openAPIRequest struct {
 func newOpenAPIRequest(endpoint string,
 	action string,
 	method methodType,
-	request interface{},
+	request any,
 ) *openAPIRequest {
 	req := &openAPIRequest{
 		endpoint: endpoint,

pkg/provider/alibaba/kms_test.go

@@ -102,7 +102,7 @@ var setNilMockClient = func(kmstc *keyManagementServiceTestCase) {
 }
 
 func TestAlibabaKMSGetSecret(t *testing.T) {
-	secretData := make(map[string]interface{})
+	secretData := make(map[string]any)
 	secretValue := "changedvalue"
 	secretData["payload"] = secretValue
 

pkg/provider/alibaba/logger.go

@@ -47,7 +47,7 @@ func newLogger() *logger {
 var _ retryablehttp.LeveledLogger = (*logger)(nil)
 var _ retryablehttp.Logger = (*logger)(nil)
 
-func (l *logger) WithField(key string, value interface{}) *logger {
+func (l *logger) WithField(key string, value any) *logger {
 	return l.WithFields(key, value)
 }
 
@@ -55,28 +55,28 @@ func (l *logger) WithError(err error) *logger {
 	return l.WithFields("error", err)
 }
 
-func (l *logger) WithFields(keysAndValues ...interface{}) *logger {
+func (l *logger) WithFields(keysAndValues ...any) *logger {
 	newLogger := *l
 	newLogger.Logger = l.Logger.WithValues(keysAndValues...)
 	return &newLogger
 }
 
-func (l *logger) Error(msg string, keysAndValues ...interface{}) {
+func (l *logger) Error(msg string, keysAndValues ...any) {
 	l.Logger.Error(nil, msg, keysAndValues...)
 }
 
-func (l *logger) Info(msg string, keysAndValues ...interface{}) {
+func (l *logger) Info(msg string, keysAndValues ...any) {
 	l.Logger.V(logLevelInfo.Level()).Info(msg, keysAndValues...)
 }
 
-func (l *logger) Debug(msg string, keysAndValues ...interface{}) {
+func (l *logger) Debug(msg string, keysAndValues ...any) {
 	l.Logger.V(logLevelDebug.Level()).Info(msg, keysAndValues...)
 }
 
-func (l *logger) Warn(msg string, keysAndValues ...interface{}) {
+func (l *logger) Warn(msg string, keysAndValues ...any) {
 	l.Logger.V(logLevelWarn.Level()).Info(msg, keysAndValues...)
 }
 
-func (l *logger) Printf(msg string, keysAndValues ...interface{}) {
+func (l *logger) Printf(msg string, keysAndValues ...any) {
 	l.Logger.Info(msg, keysAndValues...)
 }

pkg/provider/aws/provider_test.go

@@ -48,7 +48,7 @@ func TestProvider(t *testing.T) {
 	tbl := []struct {
 		test    string
 		store   esv1beta1.GenericStore
-		expType interface{}
+		expType any
 		expErr  bool
 	}{
 		{

pkg/provider/azure/keyvault/keyvault.go

@@ -369,7 +369,7 @@ func getCertificateFromValue(value []byte) (*x509.Certificate, error) {
 	return nil, fmt.Errorf("could not parse certificate value as PKCS#12, DER or PEM")
 }
 
-func getKeyFromValue(value []byte) (interface{}, error) {
+func getKeyFromValue(value []byte) (any, error) {
 	val := value
 	pemBlock, _ := pem.Decode(value)
 	// if a private key regular expression doesn't match, we should consider this key to be symmetric
@@ -553,7 +553,7 @@ func (a *Azure) GetAllSecrets(ctx context.Context, ref esv1beta1.ExternalSecretF
 	basicClient := a.baseClient
 	secretsMap := make(map[string][]byte)
 	checkTags := len(ref.Tags) > 0
-	checkName := ref.Name != nil && len(ref.Name.RegExp) > 0
+	checkName := ref.Name != nil && ref.Name.RegExp != ""
 
 	secretListIter, err := basicClient.GetSecretsComplete(ctx, *a.provider.VaultURL, nil)
 	metrics.ObserveAPICall(constants.ProviderAzureKV, constants.CallAzureKVGetSecrets, err)

pkg/provider/chef/fake/fake.go

@@ -57,7 +57,7 @@ func (mc *ChefMockClient) Get(name string) (user chef.User, err error) {
 func (mc *ChefMockClient) WithItem(_, _ string, _ error) {
 	if mc != nil {
 		mc.getItem = func(dataBagName, databagItemName string) (item chef.DataBagItem, err error) {
-			ret := make(map[string]interface{})
+			ret := make(map[string]any)
 			switch {
 			case dataBagName == DatabagName && databagItemName == "item01":
 				jsonstring := `{"id":"` + dataBagName + `-` + databagItemName + `","some_key":"fe7f29ede349519a1","some_password":"dolphin_123zc","some_username":"testuser"}`

pkg/provider/delinea/client_test.go

@@ -32,7 +32,7 @@ type fakeAPI struct {
 // createVaultSecret assembles a vault.Secret.
 // vault.Secret has unexported nested types, and is therefore quite
 // tricky from outside the vault package. This function facilitates easy setup.
-func createVaultSecret(path string, data map[string]interface{}) *vault.Secret {
+func createVaultSecret(path string, data map[string]any) *vault.Secret {
 	s := &vault.Secret{}
 	s.Path = path
 	s.Data = data
@@ -53,11 +53,11 @@ func newTestClient() esv1beta1.SecretsClient {
 	return &client{
 		api: &fakeAPI{
 			secrets: []*vault.Secret{
-				createVaultSecret("a", map[string]interface{}{}),
-				createVaultSecret("b", map[string]interface{}{
+				createVaultSecret("a", map[string]any{}),
+				createVaultSecret("b", map[string]any{
 					"hello": "world",
 				}),
-				createVaultSecret("c", map[string]interface{}{
+				createVaultSecret("c", map[string]any{
 					"foo": map[string]string{"bar": "baz"},
 				}),
 			},

pkg/provider/fortanix/fortanix_test.go

@@ -50,7 +50,7 @@ func newTestClient(t *testing.T, handler func(w http.ResponseWriter, r *http.Req
 	}
 }
 
-func toJSON(t *testing.T, v interface{}) []byte {
+func toJSON(t *testing.T, v any) []byte {
 	jsonBytes, err := json.Marshal(v)
 	assert.Nil(t, err)
 	return jsonBytes

pkg/provider/fortanix/provider_test.go

@@ -36,7 +36,7 @@ func pointer[T any](d T) *T {
 	return &d
 }
 
-func respondJSON(w http.ResponseWriter, data interface{}) {
+func respondJSON(w http.ResponseWriter, data any) {
 	w.Header().Set("Content-Type", "application/json")
 
 	json.NewEncoder(w).Encode(data)

pkg/provider/gitlab/fake/fake.go

@@ -42,31 +42,31 @@ func keyFromGroupVariable(gv gitlab.GroupVariable) string {
 }
 
 type GitlabMockProjectsClient struct {
-	listProjectsGroups func(pid interface{}, opt *gitlab.ListProjectGroupOptions, options ...gitlab.RequestOptionFunc) ([]*gitlab.ProjectGroup, *gitlab.Response, error)
+	listProjectsGroups func(pid any, opt *gitlab.ListProjectGroupOptions, options ...gitlab.RequestOptionFunc) ([]*gitlab.ProjectGroup, *gitlab.Response, error)
 }
 
-func (mc *GitlabMockProjectsClient) ListProjectsGroups(pid interface{}, opt *gitlab.ListProjectGroupOptions, _ ...gitlab.RequestOptionFunc) ([]*gitlab.ProjectGroup, *gitlab.Response, error) {
+func (mc *GitlabMockProjectsClient) ListProjectsGroups(pid any, opt *gitlab.ListProjectGroupOptions, _ ...gitlab.RequestOptionFunc) ([]*gitlab.ProjectGroup, *gitlab.Response, error) {
 	return mc.listProjectsGroups(pid, opt, nil)
 }
 
 func (mc *GitlabMockProjectsClient) WithValue(output []*gitlab.ProjectGroup, response *gitlab.Response, err error) {
 	if mc != nil {
-		mc.listProjectsGroups = func(pid interface{}, opt *gitlab.ListProjectGroupOptions, options ...gitlab.RequestOptionFunc) ([]*gitlab.ProjectGroup, *gitlab.Response, error) {
+		mc.listProjectsGroups = func(pid any, opt *gitlab.ListProjectGroupOptions, options ...gitlab.RequestOptionFunc) ([]*gitlab.ProjectGroup, *gitlab.Response, error) {
 			return output, response, err
 		}
 	}
 }
 
 type GitlabMockProjectVariablesClient struct {
-	getVariable   func(pid interface{}, key string, options ...gitlab.RequestOptionFunc) (*gitlab.ProjectVariable, *gitlab.Response, error)
-	listVariables func(pid interface{}, options ...gitlab.RequestOptionFunc) ([]*gitlab.ProjectVariable, *gitlab.Response, error)
+	getVariable   func(pid any, key string, options ...gitlab.RequestOptionFunc) (*gitlab.ProjectVariable, *gitlab.Response, error)
+	listVariables func(pid any, options ...gitlab.RequestOptionFunc) ([]*gitlab.ProjectVariable, *gitlab.Response, error)
 }
 
-func (mc *GitlabMockProjectVariablesClient) GetVariable(pid interface{}, key string, _ *gitlab.GetProjectVariableOptions, _ ...gitlab.RequestOptionFunc) (*gitlab.ProjectVariable, *gitlab.Response, error) {
+func (mc *GitlabMockProjectVariablesClient) GetVariable(pid any, key string, _ *gitlab.GetProjectVariableOptions, _ ...gitlab.RequestOptionFunc) (*gitlab.ProjectVariable, *gitlab.Response, error) {
 	return mc.getVariable(pid, key, nil)
 }
 
-func (mc *GitlabMockProjectVariablesClient) ListVariables(pid interface{}, _ *gitlab.ListProjectVariablesOptions, _ ...gitlab.RequestOptionFunc) ([]*gitlab.ProjectVariable, *gitlab.Response, error) {
+func (mc *GitlabMockProjectVariablesClient) ListVariables(pid any, _ *gitlab.ListProjectVariablesOptions, _ ...gitlab.RequestOptionFunc) ([]*gitlab.ProjectVariable, *gitlab.Response, error) {
 	return mc.listVariables(pid)
 }
 
@@ -81,9 +81,9 @@ func (mc *GitlabMockProjectVariablesClient) WithValues(responses []APIResponse[[
 	}
 }
 
-func mockGetVariable[V GitVariable](keyExtractor extractKey[V], responses []APIResponse[[]*V]) func(interface{}, string, ...gitlab.RequestOptionFunc) (*V, *gitlab.Response, error) {
+func mockGetVariable[V GitVariable](keyExtractor extractKey[V], responses []APIResponse[[]*V]) func(any, string, ...gitlab.RequestOptionFunc) (*V, *gitlab.Response, error) {
 	getCount := -1
-	return func(pid interface{}, key string, options ...gitlab.RequestOptionFunc) (*V, *gitlab.Response, error) {
+	return func(pid any, key string, options ...gitlab.RequestOptionFunc) (*V, *gitlab.Response, error) {
 		getCount++
 		if getCount > len(responses)-1 {
 			return nil, make404APIResponse(), nil
@@ -101,9 +101,9 @@ func mockGetVariable[V GitVariable](keyExtractor extractKey[V], responses []APIR
 	}
 }
 
-func mockListVariable[V GitVariable](responses []APIResponse[[]*V]) func(interface{}, ...gitlab.RequestOptionFunc) ([]*V, *gitlab.Response, error) {
+func mockListVariable[V GitVariable](responses []APIResponse[[]*V]) func(any, ...gitlab.RequestOptionFunc) ([]*V, *gitlab.Response, error) {
 	listCount := -1
-	return func(pid interface{}, options ...gitlab.RequestOptionFunc) ([]*V, *gitlab.Response, error) {
+	return func(pid any, options ...gitlab.RequestOptionFunc) ([]*V, *gitlab.Response, error) {
 		listCount++
 		if listCount > len(responses)-1 {
 			return nil, makeAPIResponse(listCount, len(responses)), nil
@@ -131,25 +131,25 @@ func makeAPIResponse(page, pages int) *gitlab.Response {
 }
 
 type GitlabMockGroupVariablesClient struct {
-	getVariable   func(gid interface{}, key string, options ...gitlab.RequestOptionFunc) (*gitlab.GroupVariable, *gitlab.Response, error)
-	listVariables func(gid interface{}, options ...gitlab.RequestOptionFunc) ([]*gitlab.GroupVariable, *gitlab.Response, error)
+	getVariable   func(gid any, key string, options ...gitlab.RequestOptionFunc) (*gitlab.GroupVariable, *gitlab.Response, error)
+	listVariables func(gid any, options ...gitlab.RequestOptionFunc) ([]*gitlab.GroupVariable, *gitlab.Response, error)
 }
 
-func (mc *GitlabMockGroupVariablesClient) GetVariable(gid interface{}, key string, _ ...gitlab.RequestOptionFunc) (*gitlab.GroupVariable, *gitlab.Response, error) {
+func (mc *GitlabMockGroupVariablesClient) GetVariable(gid any, key string, _ ...gitlab.RequestOptionFunc) (*gitlab.GroupVariable, *gitlab.Response, error) {
 	return mc.getVariable(gid, key, nil)
 }
 
-func (mc *GitlabMockGroupVariablesClient) ListVariables(gid interface{}, _ *gitlab.ListGroupVariablesOptions, _ ...gitlab.RequestOptionFunc) ([]*gitlab.GroupVariable, *gitlab.Response, error) {
+func (mc *GitlabMockGroupVariablesClient) ListVariables(gid any, _ *gitlab.ListGroupVariablesOptions, _ ...gitlab.RequestOptionFunc) ([]*gitlab.GroupVariable, *gitlab.Response, error) {
 	return mc.listVariables(gid)
 }
 
 func (mc *GitlabMockGroupVariablesClient) WithValue(output *gitlab.GroupVariable, response *gitlab.Response, err error) {
 	if mc != nil {
-		mc.getVariable = func(gid interface{}, key string, options ...gitlab.RequestOptionFunc) (*gitlab.GroupVariable, *gitlab.Response, error) {
+		mc.getVariable = func(gid any, key string, options ...gitlab.RequestOptionFunc) (*gitlab.GroupVariable, *gitlab.Response, error) {
 			return output, response, err
 		}
 
-		mc.listVariables = func(gid interface{}, options ...gitlab.RequestOptionFunc) ([]*gitlab.GroupVariable, *gitlab.Response, error) {
+		mc.listVariables = func(gid any, options ...gitlab.RequestOptionFunc) ([]*gitlab.GroupVariable, *gitlab.Response, error) {
 			return []*gitlab.GroupVariable{output}, response, err
 		}
 	}

pkg/provider/gitlab/gitlab.go

@@ -57,17 +57,17 @@ var _ esv1beta1.SecretsClient = &gitlabBase{}
 var _ esv1beta1.Provider = &Provider{}
 
 type ProjectsClient interface {
-	ListProjectsGroups(pid interface{}, opt *gitlab.ListProjectGroupOptions, options ...gitlab.RequestOptionFunc) ([]*gitlab.ProjectGroup, *gitlab.Response, error)
+	ListProjectsGroups(pid any, opt *gitlab.ListProjectGroupOptions, options ...gitlab.RequestOptionFunc) ([]*gitlab.ProjectGroup, *gitlab.Response, error)
 }
 
 type ProjectVariablesClient interface {
-	GetVariable(pid interface{}, key string, opt *gitlab.GetProjectVariableOptions, options ...gitlab.RequestOptionFunc) (*gitlab.ProjectVariable, *gitlab.Response, error)
-	ListVariables(pid interface{}, opt *gitlab.ListProjectVariablesOptions, options ...gitlab.RequestOptionFunc) ([]*gitlab.ProjectVariable, *gitlab.Response, error)
+	GetVariable(pid any, key string, opt *gitlab.GetProjectVariableOptions, options ...gitlab.RequestOptionFunc) (*gitlab.ProjectVariable, *gitlab.Response, error)
+	ListVariables(pid any, opt *gitlab.ListProjectVariablesOptions, options ...gitlab.RequestOptionFunc) ([]*gitlab.ProjectVariable, *gitlab.Response, error)
 }
 
 type GroupVariablesClient interface {
-	GetVariable(gid interface{}, key string, options ...gitlab.RequestOptionFunc) (*gitlab.GroupVariable, *gitlab.Response, error)
-	ListVariables(gid interface{}, opt *gitlab.ListGroupVariablesOptions, options ...gitlab.RequestOptionFunc) ([]*gitlab.GroupVariable, *gitlab.Response, error)
+	GetVariable(gid any, key string, options ...gitlab.RequestOptionFunc) (*gitlab.GroupVariable, *gitlab.Response, error)
+	ListVariables(gid any, opt *gitlab.ListGroupVariablesOptions, options ...gitlab.RequestOptionFunc) ([]*gitlab.GroupVariable, *gitlab.Response, error)
 }
 
 type ProjectGroupPathSorter []*gitlab.ProjectGroup

pkg/provider/gitlab/gitlab_test.go

@@ -363,7 +363,7 @@ func TestNewClient(t *testing.T) {
 	tassert.NotNil(t, secretClient)
 }
 
-func toJSON(t *testing.T, v interface{}) []byte {
+func toJSON(t *testing.T, v any) []byte {
 	jsonBytes, err := json.Marshal(v)
 	tassert.Nil(t, err)
 	return jsonBytes

pkg/provider/ibm/provider.go

@@ -509,7 +509,7 @@ func (ibm *providerIBM) GetSecretMap(_ context.Context, ref esv1beta1.ExternalSe
 		if err != nil {
 			return nil, err
 		}
-		m := make(map[string]interface{})
+		m := make(map[string]any)
 		err = json.Unmarshal(secret, &m)
 		if err != nil {
 			return nil, fmt.Errorf(errJSONSecretUnmarshal, err)
@@ -522,7 +522,7 @@ func (ibm *providerIBM) GetSecretMap(_ context.Context, ref esv1beta1.ExternalSe
 	}
 }
 
-func byteArrayMap(secretData map[string]interface{}, secretMap map[string][]byte) map[string][]byte {
+func byteArrayMap(secretData map[string]any, secretMap map[string][]byte) map[string][]byte {
 	var err error
 	for k, v := range secretData {
 		secretMap[k], err = utils.GetByteValue(v)
@@ -694,15 +694,15 @@ func init() {
 }
 
 // populateSecretMap populates the secretMap with metadata information that is pulled from IBM provider.
-func populateSecretMap(secretMap map[string][]byte, secretDataMap map[string]interface{}) map[string][]byte {
+func populateSecretMap(secretMap map[string][]byte, secretDataMap map[string]any) map[string][]byte {
 	for key, value := range secretDataMap {
 		secretMap[key] = []byte(fmt.Sprintf("%v", value))
 	}
 	return secretMap
 }
 
-func formSecretMap(secretData interface{}) (map[string]interface{}, error) {
-	secretDataMap := make(map[string]interface{})
+func formSecretMap(secretData any) (map[string]any, error) {
+	secretDataMap := make(map[string]any)
 	data, err := json.Marshal(secretData)
 	if err != nil {
 		return nil, fmt.Errorf(errJSONSecretMarshal, err)

pkg/provider/ibm/provider_test.go

@@ -444,10 +444,10 @@ func TestIBMSecretManagerGetSecret(t *testing.T) {
 	// bad case: private_cert type without property
 	badSecretPrivateCert := funcSetCertSecretTest(privateCert, "bad case: private_cert type without property", sm.Secret_SecretType_PrivateCert, false)
 
-	secretDataKV := make(map[string]interface{})
+	secretDataKV := make(map[string]any)
 	secretDataKV["key1"] = "val1"
 
-	secretDataKVComplex := make(map[string]interface{})
+	secretDataKVComplex := make(map[string]any)
 	secretKVComplex := `{"key1":"val1","key2":"val2","key3":"val3","keyC":{"keyC1":"valC1","keyC2":"valC2"},"special.log":"file-content"}`
 	json.Unmarshal([]byte(secretKVComplex), &secretDataKVComplex)
 
@@ -599,10 +599,10 @@ func TestGetSecretMap(t *testing.T) {
 	secretIntermediate := "intermediate_value"
 	timeValue := "0001-01-01T00:00:00.000Z"
 
-	secretComplex := map[string]interface{}{
+	secretComplex := map[string]any{
 		"key1": "val1",
 		"key2": "val2",
-		"keyC": map[string]interface{}{
+		"keyC": map[string]any{
 			"keyC1": map[string]string{
 				"keyA": "valA",
 				"keyB": "valB",

pkg/provider/keepersecurity/client.go

@@ -72,14 +72,14 @@ type SecurityClient interface {
 }
 
 type Field struct {
-	Type  string        `json:"type"`
-	Value []interface{} `json:"value"`
+	Type  string `json:"type"`
+	Value []any  `json:"value"`
 }
 
 type CustomField struct {
-	Type  string        `json:"type"`
-	Label string        `json:"label"`
-	Value []interface{} `json:"value"`
+	Type  string `json:"type"`
+	Label string `json:"label"`
+	Value []any  `json:"value"`
 }
 
 type File struct {
@@ -406,7 +406,7 @@ func (s *Secret) getItems(ref esv1beta1.ExternalSecretDataRemoteRef) (map[string
 	return secretData, nil
 }
 
-func getFieldValue(value []interface{}) []byte {
+func getFieldValue(value []any) []byte {
 	if len(value) < 1 {
 		return []byte{}
 	} else if len(value) == 1 {

pkg/provider/keepersecurity/client_test.go

@@ -639,7 +639,7 @@ func generateRecords() []*ksm.Record {
 		if i == 0 {
 			record = ksm.Record{
 				Uid: fmt.Sprintf(RecordNameFormat, i),
-				RecordDict: map[string]interface{}{
+				RecordDict: map[string]any{
 					"type":      externalSecretType,
 					"folderUID": folderID,
 				},
@@ -647,7 +647,7 @@ func generateRecords() []*ksm.Record {
 		} else {
 			record = ksm.Record{
 				Uid: fmt.Sprintf(RecordNameFormat, i),
-				RecordDict: map[string]interface{}{
+				RecordDict: map[string]any{
 					"type":      LoginType,
 					"folderUID": folderID,
 				},

pkg/provider/kubernetes/client.go

@@ -232,7 +232,7 @@ func getMapFromValues(property, jsonStr string) (map[string][]byte, error) {
 	val := gjson.Get(jsonStr, property)
 	if val.Exists() {
 		retMap := make(map[string][]byte)
-		var tmpMap map[string]interface{}
+		var tmpMap map[string]any
 		decoded, err := base64.StdEncoding.DecodeString(val.String())
 		if err != nil {
 			return nil, err

pkg/provider/onboardbase/client.go

@@ -150,7 +150,7 @@ func (c *Client) GetSecret(_ context.Context, ref esv1beta1.ExternalSecretDataRe
 
 	value := secret.Value
 
-	if len(ref.Property) > 0 {
+	if ref.Property != "" {
 		jsonRes := gjson.Get(secret.Value, ref.Property)
 		if !jsonRes.Exists() {
 			return nil, fmt.Errorf(errSecretKeyFmt, ref.Property, ref.Key)

pkg/provider/onepassword/fake/fake.go

@@ -202,22 +202,22 @@ func (mockClient *OnePasswordMockClient) DownloadFile(_ *onepassword.File, _ str
 }
 
 // LoadStructFromItemByUUID unused fake.
-func (mockClient *OnePasswordMockClient) LoadStructFromItemByUUID(_ interface{}, _, _ string) error {
+func (mockClient *OnePasswordMockClient) LoadStructFromItemByUUID(_ any, _, _ string) error {
 	return nil
 }
 
 // LoadStructFromItemByTitle unused fake.
-func (mockClient *OnePasswordMockClient) LoadStructFromItemByTitle(_ interface{}, _, _ string) error {
+func (mockClient *OnePasswordMockClient) LoadStructFromItemByTitle(_ any, _, _ string) error {
 	return nil
 }
 
 // LoadStructFromItem unused fake.
-func (mockClient *OnePasswordMockClient) LoadStructFromItem(_ interface{}, _, _ string) error {
+func (mockClient *OnePasswordMockClient) LoadStructFromItem(_ any, _, _ string) error {
 	return nil
 }
 
 // LoadStructunused fake.
-func (mockClient *OnePasswordMockClient) LoadStruct(_ interface{}) error {
+func (mockClient *OnePasswordMockClient) LoadStruct(_ any) error {
 	return nil
 }
 

pkg/provider/oracle/oracle.go

@@ -350,7 +350,7 @@ func (vms *VaultManagementService) getSecretBundleWithCode(ctx context.Context,
 func getSecretBundleCode(err error) int {
 	if err != nil {
 		// If we got a 404 service error, try to create the secret.
-		//nolint:all
+
 		if serviceErr, ok := err.(common.ServiceError); ok && serviceErr.GetHTTPStatusCode() == 404 {
 			return SecretNotFound
 		}
@@ -593,7 +593,7 @@ func sanitizeOCISDKErr(err error) error {
 		return nil
 	}
 	// If we have a ServiceError from the OCI SDK, strip only the message from the verbose error
-	//nolint:all
+
 	if serviceError, ok := err.(common.ServiceErrorRichInfo); ok {
 		return fmt.Errorf("%s service failed to %s, HTTP status code %d: %s", serviceError.GetTargetService(), serviceError.GetOperationName(), serviceError.GetHTTPStatusCode(), serviceError.GetMessage())
 	}

pkg/provider/passworddepot/passworddepot_api_test.go

@@ -271,7 +271,7 @@ func TestPasswortDepotApiGetSecret(t *testing.T) {
 	}
 }
 
-func createResponder(payload interface{}, withMarshal bool) func(*http.Request) (*http.Response, error) {
+func createResponder(payload any, withMarshal bool) func(*http.Request) (*http.Response, error) {
 	return func(req *http.Request) (*http.Response, error) {
 		var payloadBytes []byte
 		if withMarshal {

pkg/provider/pulumi/pulumi.go

@@ -79,7 +79,7 @@ func (c *client) GetSecretMap(ctx context.Context, ref esv1beta1.ExternalSecretD
 		return nil, fmt.Errorf(errGettingSecrets, ref.Key, err)
 	}
 
-	kv := make(map[string]interface{})
+	kv := make(map[string]any)
 	err = json.Unmarshal(data, &kv)
 	if err != nil {
 		return nil, fmt.Errorf(errUnmarshalSecret, err)

pkg/provider/register/register.go

@@ -12,7 +12,6 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-//nolint:revive
 package register
 
 // packages imported here are registered to the controller schema.

pkg/provider/scaleway/client.go

@@ -375,7 +375,7 @@ func (c *client) Close(context.Context) error {
 func (c *client) accessSecretVersion(ctx context.Context, secretRef *scwSecretRef, versionSpec string) ([]byte, error) {
 	// if we have a secret id and a revision number, we can avoid an extra GetSecret()
 
-	if secretRef.RefType == refTypeID && len(versionSpec) > 0 && '0' <= versionSpec[0] && versionSpec[0] <= '9' {
+	if secretRef.RefType == refTypeID && versionSpec != "" && '0' <= versionSpec[0] && versionSpec[0] <= '9' {
 		secretID := secretRef.Value
 
 		revision, err := strconv.ParseUint(versionSpec, 10, 32)

pkg/provider/vault/auth_iam.go

@@ -115,8 +115,8 @@ func (c *client) requestTokenWithIamAuth(ctx context.Context, iamAuth *esv1beta1
 
 		// let's fetch the namespace and serviceaccount from parsed jwt token
 		if claims, ok := token.Claims.(jwt.MapClaims); ok {
-			ns = claims["kubernetes.io"].(map[string]interface{})["namespace"].(string)
-			sa = claims["kubernetes.io"].(map[string]interface{})["serviceaccount"].(map[string]interface{})["name"].(string)
+			ns = claims["kubernetes.io"].(map[string]any)["namespace"].(string)
+			sa = claims["kubernetes.io"].(map[string]any)["serviceaccount"].(map[string]any)["name"].(string)
 		} else {
 			return fmt.Errorf(errPodInfoNotFoundOnToken, tokenFile, err)
 		}

pkg/provider/vault/auth_jwt.go

@@ -72,7 +72,7 @@ func (c *client) requestTokenWithJwtAuth(ctx context.Context, jwtAuth *esv1beta1
 		return err
 	}
 
-	parameters := map[string]interface{}{
+	parameters := map[string]any{
 		"role": role,
 		"jwt":  jwt,
 	}

pkg/provider/vault/client_get.go

@@ -45,7 +45,7 @@ const (
 //  2. get a key from the secret.
 //     Nested values are supported by specifying a gjson expression
 func (c *client) GetSecret(ctx context.Context, ref esv1beta1.ExternalSecretDataRemoteRef) ([]byte, error) {
-	var data map[string]interface{}
+	var data map[string]any
 	var err error
 	if ref.MetadataPolicy == esv1beta1.ExternalSecretMetadataPolicyFetch {
 		if c.store.Version == esv1beta1.VaultKVStoreV1 {
@@ -59,7 +59,7 @@ func (c *client) GetSecret(ctx context.Context, ref esv1beta1.ExternalSecretData
 		if len(metadata) == 0 {
 			return nil, nil
 		}
-		data = make(map[string]interface{}, len(metadata))
+		data = make(map[string]any, len(metadata))
 		for k, v := range metadata {
 			data[k] = v
 		}
@@ -82,7 +82,7 @@ func (c *client) GetSecretMap(ctx context.Context, ref esv1beta1.ExternalSecretD
 		return nil, err
 	}
 
-	var secretData map[string]interface{}
+	var secretData map[string]any
 	err = json.Unmarshal(data, &secretData)
 	if err != nil {
 		return nil, err
@@ -117,7 +117,7 @@ func (c *client) SecretExists(ctx context.Context, ref esv1beta1.PushSecretRemot
 	return value != nil, nil
 }
 
-func (c *client) readSecret(ctx context.Context, path, version string) (map[string]interface{}, error) {
+func (c *client) readSecret(ctx context.Context, path, version string) (map[string]any, error) {
 	dataPath := c.buildPath(path)
 
 	// path formated according to vault docs for v1 and v2 API
@@ -147,7 +147,7 @@ func (c *client) readSecret(ctx context.Context, path, version string) (map[stri
 		if dataInt == nil {
 			return nil, esv1beta1.NoSecretError{}
 		}
-		secretData, ok = dataInt.(map[string]interface{})
+		secretData, ok = dataInt.(map[string]any)
 		if !ok {
 			return nil, errors.New(errJSONUnmarshall)
 		}
@@ -156,7 +156,7 @@ func (c *client) readSecret(ctx context.Context, path, version string) (map[stri
 	return secretData, nil
 }
 
-func getSecretValue(data map[string]interface{}, property string) ([]byte, error) {
+func getSecretValue(data map[string]any, property string) ([]byte, error) {
 	if data == nil {
 		return nil, esv1beta1.NoSecretError{}
 	}
@@ -202,7 +202,7 @@ func (c *client) readSecretMetadata(ctx context.Context, path string) (map[strin
 	if !ok {
 		return nil, nil
 	}
-	d, ok := t.(map[string]interface{})
+	d, ok := t.(map[string]any)
 	if !ok {
 		return metadata, nil
 	}

pkg/provider/vault/client_get_all_secrets.go

@@ -124,7 +124,7 @@ func (c *client) listSecrets(ctx context.Context, path string) ([]string, error)
 	if !ok {
 		return nil, nil
 	}
-	paths := t.([]interface{})
+	paths := t.([]any)
 	for _, p := range paths {
 		strPath := p.(string)
 		fullPath := path + strPath // because path always ends with a /

pkg/provider/vault/client_get_all_secrets_test.go

@@ -35,84 +35,84 @@ func TestGetAllSecrets(t *testing.T) {
 	path2Bytes := []byte("{\"access_key\":\"path2\",\"access_secret\":\"path2\"}")
 	tagBytes := []byte("{\"access_key\":\"unfetched\",\"access_secret\":\"unfetched\"}")
 	path := "path"
-	secret := map[string]interface{}{
-		"secret1": map[string]interface{}{
-			"metadata": map[string]interface{}{
-				"custom_metadata": map[string]interface{}{
+	secret := map[string]any{
+		"secret1": map[string]any{
+			"metadata": map[string]any{
+				"custom_metadata": map[string]any{
 					"foo": "bar",
 				},
 			},
-			"data": map[string]interface{}{
+			"data": map[string]any{
 				"access_key":    "access_key",
 				"access_secret": "access_secret",
 			},
 		},
-		"secret2": map[string]interface{}{
-			"metadata": map[string]interface{}{
-				"custom_metadata": map[string]interface{}{
+		"secret2": map[string]any{
+			"metadata": map[string]any{
+				"custom_metadata": map[string]any{
 					"foo": "baz",
 				},
 			},
-			"data": map[string]interface{}{
+			"data": map[string]any{
 				"access_key":    "access_key2",
 				"access_secret": "access_secret2",
 			},
 		},
-		"secret3": map[string]interface{}{
-			"metadata": map[string]interface{}{
-				"custom_metadata": map[string]interface{}{
+		"secret3": map[string]any{
+			"metadata": map[string]any{
+				"custom_metadata": map[string]any{
 					"foo": "baz",
 				},
 			},
 			"data": nil,
 		},
-		"tag": map[string]interface{}{
-			"metadata": map[string]interface{}{
-				"custom_metadata": map[string]interface{}{
+		"tag": map[string]any{
+			"metadata": map[string]any{
+				"custom_metadata": map[string]any{
 					"foo": "baz",
 				},
 			},
-			"data": map[string]interface{}{
+			"data": map[string]any{
 				"access_key":    "unfetched",
 				"access_secret": "unfetched",
 			},
 		},
-		"path/1": map[string]interface{}{
-			"metadata": map[string]interface{}{
-				"custom_metadata": map[string]interface{}{
+		"path/1": map[string]any{
+			"metadata": map[string]any{
+				"custom_metadata": map[string]any{
 					"foo": "path",
 				},
 			},
-			"data": map[string]interface{}{
+			"data": map[string]any{
 				"access_key":    "path1",
 				"access_secret": "path1",
 			},
 		},
-		"path/2": map[string]interface{}{
-			"metadata": map[string]interface{}{
-				"custom_metadata": map[string]interface{}{
+		"path/2": map[string]any{
+			"metadata": map[string]any{
+				"custom_metadata": map[string]any{
 					"foo": "path",
 				},
 			},
-			"data": map[string]interface{}{
+			"data": map[string]any{
 				"access_key":    "path2",
 				"access_secret": "path2",
 			},
 		},
-		"default": map[string]interface{}{
-			"data": map[string]interface{}{
+		"default": map[string]any{
+			"data": map[string]any{
 				"empty": "true",
 			},
-			"metadata": map[string]interface{}{
-				"keys": []interface{}{"secret1", "secret2", "secret3", "tag", "path/"},
+			"metadata": map[string]any{
+				"keys": []any{"secret1", "secret2", "secret3", "tag", "path/"},
 			},
 		},
-		"path/": map[string]interface{}{
-			"data": map[string]interface{}{
+		"path/": map[string]any{
+			"data": map[string]any{
 				"empty": "true",
 			},
-			"metadata": map[string]interface{}{
-				"keys": []interface{}{"1", "2"},
+			"metadata": map[string]any{
+				"keys": []any{"1", "2"},
 			},
 		},
 	}
@@ -260,7 +260,7 @@ func TestGetAllSecrets(t *testing.T) {
 	}
 }
 
-func newListWithContextFn(secrets map[string]interface{}) func(ctx context.Context, path string) (*vault.Secret, error) {
+func newListWithContextFn(secrets map[string]any) func(ctx context.Context, path string) (*vault.Secret, error) {
 	return func(ctx context.Context, path string) (*vault.Secret, error) {
 		path = strings.TrimPrefix(path, "secret/metadata/")
 		if path == "" {
@@ -270,10 +270,10 @@ func newListWithContextFn(secrets map[string]interface{}) func(ctx context.Conte
 		if !ok {
 			return nil, errors.New("Secret not found")
 		}
-		meta := data.(map[string]interface{})
-		ans := meta["metadata"].(map[string]interface{})
+		meta := data.(map[string]any)
+		ans := meta["metadata"].(map[string]any)
 		secret := &vault.Secret{
-			Data: map[string]interface{}{
+			Data: map[string]any{
 				"keys": ans["keys"],
 			},
 		}
@@ -281,7 +281,7 @@ func newListWithContextFn(secrets map[string]interface{}) func(ctx context.Conte
 	}
 }
 
-func newReadtWithContextFn(secrets map[string]interface{}) func(ctx context.Context, path string, data map[string][]string) (*vault.Secret, error) {
+func newReadtWithContextFn(secrets map[string]any) func(ctx context.Context, path string, data map[string][]string) (*vault.Secret, error) {
 	return func(ctx context.Context, path string, d map[string][]string) (*vault.Secret, error) {
 		path = strings.TrimPrefix(path, "secret/data/")
 		path = strings.TrimPrefix(path, "secret/metadata/")
@@ -292,9 +292,9 @@ func newReadtWithContextFn(secrets map[string]interface{}) func(ctx context.Cont
 		if !ok {
 			return nil, errors.New("Secret not found")
 		}
-		meta := data.(map[string]interface{})
-		metadata := meta["metadata"].(map[string]interface{})
-		content := map[string]interface{}{
+		meta := data.(map[string]any)
+		metadata := meta["metadata"].(map[string]any)
+		content := map[string]any{
 			"data":            meta["data"],
 			"custom_metadata": metadata["custom_metadata"],
 		}

pkg/provider/vault/client_get_test.go

@@ -34,16 +34,16 @@ import (
 
 func TestGetSecret(t *testing.T) {
 	errBoom := errors.New("boom")
-	secret := map[string]interface{}{
+	secret := map[string]any{
 		"access_key":    "access_key",
 		"access_secret": "access_secret",
 	}
-	secretWithNilVal := map[string]interface{}{
+	secretWithNilVal := map[string]any{
 		"access_key":    "access_key",
 		"access_secret": "access_secret",
 		"token":         nil,
 	}
-	secretWithNestedVal := map[string]interface{}{
+	secretWithNestedVal := map[string]any{
 		"access_key":    "access_key",
 		"access_secret": "access_secret",
 		"nested.bar":    "something different",
@@ -350,30 +350,30 @@ func TestGetSecret(t *testing.T) {
 
 func TestGetSecretMap(t *testing.T) {
 	errBoom := errors.New("boom")
-	secret := map[string]interface{}{
+	secret := map[string]any{
 		"access_key":    "access_key",
 		"access_secret": "access_secret",
 	}
-	secretWithSpecialCharacter := map[string]interface{}{
+	secretWithSpecialCharacter := map[string]any{
 		"access_key":    "acc<ess_&ke.,y",
 		"access_secret": "acce&?ss_s>ecret",
 	}
-	secretWithNilVal := map[string]interface{}{
+	secretWithNilVal := map[string]any{
 		"access_key":    "access_key",
 		"access_secret": "access_secret",
 		"token":         nil,
 	}
-	secretWithNestedVal := map[string]interface{}{
+	secretWithNestedVal := map[string]any{
 		"access_key":    "access_key",
 		"access_secret": "access_secret",
-		"nested": map[string]interface{}{
+		"nested": map[string]any{
 			"foo": map[string]string{
 				"oke":    "yup",
 				"mhkeih": "yada yada",
 			},
 		},
 	}
-	secretWithTypes := map[string]interface{}{
+	secretWithTypes := map[string]any{
 		"access_secret": "access_secret",
 		"f32":           float32(2.12),
 		"f64":           float64(2.1234534153423423),
@@ -421,7 +421,7 @@ func TestGetSecretMap(t *testing.T) {
 			args: args{
 				store: makeValidSecretStoreWithVersion(esv1beta1.VaultKVStoreV2).Spec.Provider.Vault,
 				vClient: &fake.Logical{
-					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]interface{}{
+					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]any{
 						"data": secret,
 					}, nil),
 				},
@@ -455,7 +455,7 @@ func TestGetSecretMap(t *testing.T) {
 			args: args{
 				store: makeValidSecretStoreWithVersion(esv1beta1.VaultKVStoreV2).Spec.Provider.Vault,
 				vClient: &fake.Logical{
-					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]interface{}{
+					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]any{
 						"data": secretWithSpecialCharacter,
 					}, nil),
 				},
@@ -490,7 +490,7 @@ func TestGetSecretMap(t *testing.T) {
 			args: args{
 				store: makeValidSecretStoreWithVersion(esv1beta1.VaultKVStoreV2).Spec.Provider.Vault,
 				vClient: &fake.Logical{
-					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]interface{}{
+					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]any{
 						"data": secretWithNilVal}, nil),
 				},
 			},
@@ -508,7 +508,7 @@ func TestGetSecretMap(t *testing.T) {
 			args: args{
 				store: makeValidSecretStoreWithVersion(esv1beta1.VaultKVStoreV2).Spec.Provider.Vault,
 				vClient: &fake.Logical{
-					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]interface{}{
+					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]any{
 						"data": secretWithTypes}, nil),
 				},
 			},
@@ -532,7 +532,7 @@ func TestGetSecretMap(t *testing.T) {
 					Property: "nested",
 				},
 				vClient: &fake.Logical{
-					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]interface{}{
+					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]any{
 						"data": secretWithNestedVal}, nil),
 				},
 			},
@@ -551,7 +551,7 @@ func TestGetSecretMap(t *testing.T) {
 					Property: "nested.foo",
 				},
 				vClient: &fake.Logical{
-					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]interface{}{
+					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]any{
 						"data": secretWithNestedVal}, nil),
 				},
 			},
@@ -697,10 +697,10 @@ func TestGetSecretPath(t *testing.T) {
 }
 
 func TestSecretExists(t *testing.T) {
-	secret := map[string]interface{}{
+	secret := map[string]any{
 		"foo": "bar",
 	}
-	secretWithNil := map[string]interface{}{
+	secretWithNil := map[string]any{
 		"hi": nil,
 	}
 	errNope := errors.New("nope")
@@ -751,7 +751,7 @@ func TestSecretExists(t *testing.T) {
 			args: args{
 				store: makeValidSecretStoreWithVersion(esv1beta1.VaultKVStoreV2).Spec.Provider.Vault,
 				vClient: &fake.Logical{
-					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]interface{}{
+					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]any{
 						"data": secret,
 					}, nil),
 				},
@@ -795,7 +795,7 @@ func TestSecretExists(t *testing.T) {
 			args: args{
 				store: makeValidSecretStoreWithVersion(esv1beta1.VaultKVStoreV2).Spec.Provider.Vault,
 				vClient: &fake.Logical{
-					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]interface{}{
+					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]any{
 						"data": secret,
 					}, nil),
 				},
@@ -825,7 +825,7 @@ func TestSecretExists(t *testing.T) {
 			args: args{
 				store: makeValidSecretStoreWithVersion(esv1beta1.VaultKVStoreV2).Spec.Provider.Vault,
 				vClient: &fake.Logical{
-					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]interface{}{
+					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]any{
 						"data": secretWithNil,
 					}, nil),
 				},

pkg/provider/vault/client_push.go

@@ -48,12 +48,12 @@ func (c *client) PushSecret(ctx context.Context, secret *corev1.Secret, data esv
 	} else {
 		value = secret.Data[key]
 	}
-	label := map[string]interface{}{
+	label := map[string]any{
 		"custom_metadata": map[string]string{
 			"managed-by": "external-secrets",
 		},
 	}
-	secretVal := make(map[string]interface{})
+	secretVal := make(map[string]any)
 	path := c.buildPath(data.GetRemoteKey())
 	metaPath, err := c.buildMetadataPath(data.GetRemoteKey())
 	if err != nil {
@@ -124,7 +124,7 @@ func (c *client) PushSecret(ctx context.Context, secret *corev1.Secret, data esv
 		secretToPush["custom_metadata"] = label["custom_metadata"]
 	}
 	if c.store.Version == esv1beta1.VaultKVStoreV2 {
-		secretToPush = map[string]interface{}{
+		secretToPush = map[string]any{
 			"data": secretVal,
 		}
 	}
@@ -178,7 +178,7 @@ func (c *client) DeleteSecret(ctx context.Context, remoteRef esv1beta1.PushSecre
 		if len(secretVal) > 0 {
 			secretToPush := secretVal
 			if c.store.Version == esv1beta1.VaultKVStoreV2 {
-				secretToPush = map[string]interface{}{
+				secretToPush = map[string]any{
 					"data": secretVal,
 				}
 			}

pkg/provider/vault/client_push_test.go

@@ -113,9 +113,9 @@ func TestDeleteSecret(t *testing.T) {
 			args: args{
 				store: makeValidSecretStoreWithVersion(esv1beta1.VaultKVStoreV1).Spec.Provider.Vault,
 				vLogical: &fake.Logical{
-					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]interface{}{
+					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]any{
 						fakeKey: fakeValue,
-						"custom_metadata": map[string]interface{}{
+						"custom_metadata": map[string]any{
 							managedBy: "another-secret-tool",
 						},
 					}, nil),
@@ -132,11 +132,11 @@ func TestDeleteSecret(t *testing.T) {
 			args: args{
 				store: makeValidSecretStoreWithVersion(esv1beta1.VaultKVStoreV2).Spec.Provider.Vault,
 				vLogical: &fake.Logical{
-					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]interface{}{
-						"data": map[string]interface{}{
+					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]any{
+						"data": map[string]any{
 							fakeKey: fakeValue,
 						},
-						"custom_metadata": map[string]interface{}{
+						"custom_metadata": map[string]any{
 							managedBy: "another-secret-tool",
 						},
 					}, nil),
@@ -153,9 +153,9 @@ func TestDeleteSecret(t *testing.T) {
 			args: args{
 				store: makeValidSecretStoreWithVersion(esv1beta1.VaultKVStoreV1).Spec.Provider.Vault,
 				vLogical: &fake.Logical{
-					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]interface{}{
+					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]any{
 						fakeKey: fakeValue,
-						"custom_metadata": map[string]interface{}{
+						"custom_metadata": map[string]any{
 							managedBy: managedByESO,
 						},
 					}, nil),
@@ -172,11 +172,11 @@ func TestDeleteSecret(t *testing.T) {
 			args: args{
 				store: makeValidSecretStoreWithVersion(esv1beta1.VaultKVStoreV2).Spec.Provider.Vault,
 				vLogical: &fake.Logical{
-					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]interface{}{
-						"data": map[string]interface{}{
+					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]any{
+						"data": map[string]any{
 							fakeKey: fakeValue,
 						},
-						"custom_metadata": map[string]interface{}{
+						"custom_metadata": map[string]any{
 							managedBy: managedByESO,
 						},
 					}, nil),
@@ -193,9 +193,9 @@ func TestDeleteSecret(t *testing.T) {
 			args: args{
 				store: makeValidSecretStoreWithVersion(esv1beta1.VaultKVStoreV1).Spec.Provider.Vault,
 				vLogical: &fake.Logical{
-					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]interface{}{
+					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]any{
 						fakeKey: fakeValue,
-						"custom_metadata": map[string]interface{}{
+						"custom_metadata": map[string]any{
 							managedBy: managedByESO,
 						},
 					}, nil),
@@ -212,11 +212,11 @@ func TestDeleteSecret(t *testing.T) {
 			args: args{
 				store: makeValidSecretStoreWithVersion(esv1beta1.VaultKVStoreV2).Spec.Provider.Vault,
 				vLogical: &fake.Logical{
-					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]interface{}{
-						"data": map[string]interface{}{
+					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]any{
+						"data": map[string]any{
 							fakeKey: fakeValue,
 						},
-						"custom_metadata": map[string]interface{}{
+						"custom_metadata": map[string]any{
 							managedBy: managedByESO,
 						},
 					}, nil),
@@ -234,16 +234,16 @@ func TestDeleteSecret(t *testing.T) {
 			args: args{
 				store: makeValidSecretStoreWithVersion(esv1beta1.VaultKVStoreV1).Spec.Provider.Vault,
 				vLogical: &fake.Logical{
-					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]interface{}{
+					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]any{
 						fakeKey: fakeValue,
 						"foo":   "bar",
-						"custom_metadata": map[string]interface{}{
+						"custom_metadata": map[string]any{
 							managedBy: managedByESO,
 						},
 					}, nil),
-					WriteWithContextFn: fake.ExpectWriteWithContextValue(map[string]interface{}{
+					WriteWithContextFn: fake.ExpectWriteWithContextValue(map[string]any{
 						"foo": "bar",
-						"custom_metadata": map[string]interface{}{
+						"custom_metadata": map[string]any{
 							managedBy: managedByESO,
 						}}),
 					DeleteWithContextFn: fake.ExpectDeleteWithContextNoCall(),
@@ -259,16 +259,16 @@ func TestDeleteSecret(t *testing.T) {
 			args: args{
 				store: makeValidSecretStoreWithVersion(esv1beta1.VaultKVStoreV2).Spec.Provider.Vault,
 				vLogical: &fake.Logical{
-					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]interface{}{
-						"data": map[string]interface{}{
+					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]any{
+						"data": map[string]any{
 							fakeKey: fakeValue,
 							"foo":   "bar",
 						},
-						"custom_metadata": map[string]interface{}{
+						"custom_metadata": map[string]any{
 							managedBy: managedByESO,
 						},
 					}, nil),
-					WriteWithContextFn:  fake.ExpectWriteWithContextValue(map[string]interface{}{"data": map[string]interface{}{"foo": "bar"}}),
+					WriteWithContextFn:  fake.ExpectWriteWithContextValue(map[string]any{"data": map[string]any{"foo": "bar"}}),
 					DeleteWithContextFn: fake.ExpectDeleteWithContextNoCall(),
 				},
 			},
@@ -282,9 +282,9 @@ func TestDeleteSecret(t *testing.T) {
 			args: args{
 				store: makeValidSecretStoreWithVersion(esv1beta1.VaultKVStoreV1).Spec.Provider.Vault,
 				vLogical: &fake.Logical{
-					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]interface{}{
+					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]any{
 						"foo": "bar",
-						"custom_metadata": map[string]interface{}{
+						"custom_metadata": map[string]any{
 							managedBy: managedByESO,
 						},
 					}, nil),
@@ -302,11 +302,11 @@ func TestDeleteSecret(t *testing.T) {
 			args: args{
 				store: makeValidSecretStoreWithVersion(esv1beta1.VaultKVStoreV2).Spec.Provider.Vault,
 				vLogical: &fake.Logical{
-					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]interface{}{
-						"data": map[string]interface{}{
+					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]any{
+						"data": map[string]any{
 							"foo": "bar",
 						},
-						"custom_metadata": map[string]interface{}{
+						"custom_metadata": map[string]any{
 							managedBy: managedByESO,
 						},
 					}, nil),
@@ -421,9 +421,9 @@ func TestPushSecret(t *testing.T) {
 			args: args{
 				store: makeValidSecretStoreWithVersion(esv1beta1.VaultKVStoreV1).Spec.Provider.Vault,
 				vLogical: &fake.Logical{
-					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]interface{}{
+					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]any{
 						fakeKey: fakeValue,
-						"custom_metadata": map[string]interface{}{
+						"custom_metadata": map[string]any{
 							managedBy: managedByESO,
 						},
 					}, nil),
@@ -438,11 +438,11 @@ func TestPushSecret(t *testing.T) {
 			args: args{
 				store: makeValidSecretStoreWithVersion(esv1beta1.VaultKVStoreV2).Spec.Provider.Vault,
 				vLogical: &fake.Logical{
-					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]interface{}{
-						"data": map[string]interface{}{
+					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]any{
+						"data": map[string]any{
 							fakeKey: fakeValue,
 						},
-						"custom_metadata": map[string]interface{}{
+						"custom_metadata": map[string]any{
 							managedBy: managedByESO,
 						},
 					}, nil),
@@ -459,13 +459,13 @@ func TestPushSecret(t *testing.T) {
 			args: args{
 				store: makeValidSecretStoreWithVersion(esv1beta1.VaultKVStoreV1).Spec.Provider.Vault,
 				vLogical: &fake.Logical{
-					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]interface{}{
+					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]any{
 						fakeKey: fakeValue,
-						"custom_metadata": map[string]interface{}{
+						"custom_metadata": map[string]any{
 							managedBy: managedByESO,
 						},
 					}, nil),
-					WriteWithContextFn: fake.ExpectWriteWithContextValue(map[string]interface{}{
+					WriteWithContextFn: fake.ExpectWriteWithContextValue(map[string]any{
 						fakeKey: fakeValue,
 						"custom_metadata": map[string]string{
 							managedBy: managedByESO,
@@ -485,15 +485,15 @@ func TestPushSecret(t *testing.T) {
 			args: args{
 				store: makeValidSecretStoreWithVersion(esv1beta1.VaultKVStoreV2).Spec.Provider.Vault,
 				vLogical: &fake.Logical{
-					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]interface{}{
-						"data": map[string]interface{}{
+					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]any{
+						"data": map[string]any{
 							fakeKey: fakeValue,
 						},
-						"custom_metadata": map[string]interface{}{
+						"custom_metadata": map[string]any{
 							managedBy: managedByESO,
 						},
 					}, nil),
-					WriteWithContextFn: fake.ExpectWriteWithContextValue(map[string]interface{}{"data": map[string]interface{}{fakeKey: fakeValue, "foo": fakeValue}}),
+					WriteWithContextFn: fake.ExpectWriteWithContextValue(map[string]any{"data": map[string]any{fakeKey: fakeValue, "foo": fakeValue}}),
 				},
 			},
 			want: want{
@@ -507,13 +507,13 @@ func TestPushSecret(t *testing.T) {
 			args: args{
 				store: makeValidSecretStoreWithVersion(esv1beta1.VaultKVStoreV1).Spec.Provider.Vault,
 				vLogical: &fake.Logical{
-					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]interface{}{
+					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]any{
 						"foo": fakeValue,
-						"custom_metadata": map[string]interface{}{
+						"custom_metadata": map[string]any{
 							managedBy: managedByESO,
 						},
 					}, nil),
-					WriteWithContextFn: fake.ExpectWriteWithContextValue(map[string]interface{}{
+					WriteWithContextFn: fake.ExpectWriteWithContextValue(map[string]any{
 						"foo": "new-value",
 						"custom_metadata": map[string]string{
 							managedBy: managedByESO,
@@ -532,15 +532,15 @@ func TestPushSecret(t *testing.T) {
 			args: args{
 				store: makeValidSecretStoreWithVersion(esv1beta1.VaultKVStoreV2).Spec.Provider.Vault,
 				vLogical: &fake.Logical{
-					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]interface{}{
-						"data": map[string]interface{}{
+					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]any{
+						"data": map[string]any{
 							"foo": fakeValue,
 						},
-						"custom_metadata": map[string]interface{}{
+						"custom_metadata": map[string]any{
 							managedBy: managedByESO,
 						},
 					}, nil),
-					WriteWithContextFn: fake.ExpectWriteWithContextValue(map[string]interface{}{"data": map[string]interface{}{"foo": "new-value"}}),
+					WriteWithContextFn: fake.ExpectWriteWithContextValue(map[string]any{"data": map[string]any{"foo": "new-value"}}),
 				},
 			},
 			want: want{
@@ -554,9 +554,9 @@ func TestPushSecret(t *testing.T) {
 			args: args{
 				store: makeValidSecretStoreWithVersion(esv1beta1.VaultKVStoreV1).Spec.Provider.Vault,
 				vLogical: &fake.Logical{
-					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]interface{}{
+					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]any{
 						"foo": fakeValue,
-						"custom_metadata": map[string]interface{}{
+						"custom_metadata": map[string]any{
 							managedBy: managedByESO,
 						},
 					}, nil),
@@ -574,11 +574,11 @@ func TestPushSecret(t *testing.T) {
 			args: args{
 				store: makeValidSecretStoreWithVersion(esv1beta1.VaultKVStoreV2).Spec.Provider.Vault,
 				vLogical: &fake.Logical{
-					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]interface{}{
-						"data": map[string]interface{}{
+					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]any{
+						"data": map[string]any{
 							"foo": fakeValue,
 						},
-						"custom_metadata": map[string]interface{}{
+						"custom_metadata": map[string]any{
 							managedBy: managedByESO,
 						},
 					}, nil),
@@ -618,9 +618,9 @@ func TestPushSecret(t *testing.T) {
 			args: args{
 				store: makeValidSecretStoreWithVersion(esv1beta1.VaultKVStoreV1).Spec.Provider.Vault,
 				vLogical: &fake.Logical{
-					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]interface{}{
+					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]any{
 						fakeKey: "fake-value2",
-						"custom_metadata": map[string]interface{}{
+						"custom_metadata": map[string]any{
 							managedBy: "not-external-secrets",
 						},
 					}, nil),
@@ -635,10 +635,10 @@ func TestPushSecret(t *testing.T) {
 			args: args{
 				store: makeValidSecretStoreWithVersion(esv1beta1.VaultKVStoreV2).Spec.Provider.Vault,
 				vLogical: &fake.Logical{
-					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]interface{}{
-						"data": map[string]interface{}{
+					ReadWithDataWithContextFn: fake.NewReadWithContextFn(map[string]any{
+						"data": map[string]any{
 							fakeKey: "fake-value2",
-							"custom_metadata": map[string]interface{}{
+							"custom_metadata": map[string]any{
 								managedBy: "not-external-secrets",
 							},
 						},
@@ -655,7 +655,7 @@ func TestPushSecret(t *testing.T) {
 				store: makeValidSecretStoreWithVersion(esv1beta1.VaultKVStoreV2).Spec.Provider.Vault,
 				vLogical: &fake.Logical{
 					ReadWithDataWithContextFn: fake.NewReadWithContextFn(nil, nil),
-					WriteWithContextFn:        fake.ExpectWriteWithContextValue(map[string]interface{}{"data": map[string]interface{}{"key1": "value1", "key2": "value2"}}),
+					WriteWithContextFn:        fake.ExpectWriteWithContextValue(map[string]any{"data": map[string]any{"key1": "value1", "key2": "value2"}}),
 				},
 			},
 			data:   &testingfake.PushSecretData{SecretKey: "", RemoteKey: "secret", Property: ""},

pkg/provider/vault/fake/vault.go

@@ -37,7 +37,7 @@ func (f Auth) Login(ctx context.Context, authMethod vault.AuthMethod) (*vault.Se
 
 type ReadWithDataWithContextFn func(ctx context.Context, path string, data map[string][]string) (*vault.Secret, error)
 type ListWithContextFn func(ctx context.Context, path string) (*vault.Secret, error)
-type WriteWithContextFn func(ctx context.Context, path string, data map[string]interface{}) (*vault.Secret, error)
+type WriteWithContextFn func(ctx context.Context, path string, data map[string]any) (*vault.Secret, error)
 type DeleteWithContextFn func(ctx context.Context, path string) (*vault.Secret, error)
 type Logical struct {
 	ReadWithDataWithContextFn ReadWithDataWithContextFn
@@ -49,7 +49,7 @@ type Logical struct {
 func (f Logical) DeleteWithContext(ctx context.Context, path string) (*vault.Secret, error) {
 	return f.DeleteWithContextFn(ctx, path)
 }
-func NewDeleteWithContextFn(secret map[string]interface{}, err error) DeleteWithContextFn {
+func NewDeleteWithContextFn(secret map[string]any, err error) DeleteWithContextFn {
 	return func(ctx context.Context, path string) (*vault.Secret, error) {
 		vault := &vault.Secret{
 			Data: secret,
@@ -58,7 +58,7 @@ func NewDeleteWithContextFn(secret map[string]interface{}, err error) DeleteWith
 	}
 }
 
-func NewReadWithContextFn(secret map[string]interface{}, err error) ReadWithDataWithContextFn {
+func NewReadWithContextFn(secret map[string]any, err error) ReadWithDataWithContextFn {
 	return func(ctx context.Context, path string, data map[string][]string) (*vault.Secret, error) {
 		if secret == nil {
 			return nil, err
@@ -70,12 +70,12 @@ func NewReadWithContextFn(secret map[string]interface{}, err error) ReadWithData
 	}
 }
 
-func NewReadMetadataWithContextFn(secret map[string]interface{}, err error) ReadWithDataWithContextFn {
+func NewReadMetadataWithContextFn(secret map[string]any, err error) ReadWithDataWithContextFn {
 	return func(ctx context.Context, path string, data map[string][]string) (*vault.Secret, error) {
 		if secret == nil {
 			return nil, err
 		}
-		metadata := make(map[string]interface{})
+		metadata := make(map[string]any)
 		metadata["custom_metadata"] = secret
 		vault := &vault.Secret{
 			Data: metadata,
@@ -84,14 +84,14 @@ func NewReadMetadataWithContextFn(secret map[string]interface{}, err error) Read
 	}
 }
 
-func NewWriteWithContextFn(secret map[string]interface{}, err error) WriteWithContextFn {
-	return func(ctx context.Context, path string, data map[string]interface{}) (*vault.Secret, error) {
+func NewWriteWithContextFn(secret map[string]any, err error) WriteWithContextFn {
+	return func(ctx context.Context, path string, data map[string]any) (*vault.Secret, error) {
 		return &vault.Secret{Data: secret}, err
 	}
 }
 
-func ExpectWriteWithContextValue(expected map[string]interface{}) WriteWithContextFn {
-	return func(ctx context.Context, path string, data map[string]interface{}) (*vault.Secret, error) {
+func ExpectWriteWithContextValue(expected map[string]any) WriteWithContextFn {
+	return func(ctx context.Context, path string, data map[string]any) (*vault.Secret, error) {
 		if strings.Contains(path, "metadata") {
 			return &vault.Secret{Data: data}, nil
 		}
@@ -103,7 +103,7 @@ func ExpectWriteWithContextValue(expected map[string]interface{}) WriteWithConte
 }
 
 func ExpectWriteWithContextNoCall() WriteWithContextFn {
-	return func(_ context.Context, path string, data map[string]interface{}) (*vault.Secret, error) {
+	return func(_ context.Context, path string, data map[string]any) (*vault.Secret, error) {
 		return nil, fmt.Errorf("fail")
 	}
 }
@@ -113,11 +113,11 @@ func ExpectDeleteWithContextNoCall() DeleteWithContextFn {
 		return nil, fmt.Errorf("fail")
 	}
 }
-func WriteChangingReadContext(secret map[string]interface{}, l Logical) WriteWithContextFn {
+func WriteChangingReadContext(secret map[string]any, l Logical) WriteWithContextFn {
 	v := &vault.Secret{
 		Data: secret,
 	}
-	return func(ctx context.Context, path string, data map[string]interface{}) (*vault.Secret, error) {
+	return func(ctx context.Context, path string, data map[string]any) (*vault.Secret, error) {
 		l.ReadWithDataWithContextFn = func(ctx context.Context, path string, data map[string][]string) (*vault.Secret, error) {
 			return v, nil
 		}
@@ -131,7 +131,7 @@ func (f Logical) ReadWithDataWithContext(ctx context.Context, path string, data
 func (f Logical) ListWithContext(ctx context.Context, path string) (*vault.Secret, error) {
 	return f.ListWithContextFn(ctx, path)
 }
-func (f Logical) WriteWithContext(ctx context.Context, path string, data map[string]interface{}) (*vault.Secret, error) {
+func (f Logical) WriteWithContext(ctx context.Context, path string, data map[string]any) (*vault.Secret, error) {
 	return f.WriteWithContextFn(ctx, path, data)
 }
 
@@ -222,7 +222,7 @@ func NewVaultLogical() Logical {
 		ListWithContextFn: func(ctx context.Context, path string) (*vault.Secret, error) {
 			return nil, nil
 		},
-		WriteWithContextFn: func(ctx context.Context, path string, data map[string]interface{}) (*vault.Secret, error) {
+		WriteWithContextFn: func(ctx context.Context, path string, data map[string]any) (*vault.Secret, error) {
 			return nil, nil
 		},
 	}

pkg/provider/vault/util/vault.go

@@ -35,7 +35,7 @@ type Token interface {
 type Logical interface {
 	ReadWithDataWithContext(ctx context.Context, path string, data map[string][]string) (*vault.Secret, error)
 	ListWithContext(ctx context.Context, path string) (*vault.Secret, error)
-	WriteWithContext(ctx context.Context, path string, data map[string]interface{}) (*vault.Secret, error)
+	WriteWithContext(ctx context.Context, path string, data map[string]any) (*vault.Secret, error)
 	DeleteWithContext(ctx context.Context, path string) (*vault.Secret, error)
 }
 

pkg/provider/webhook/webhook.go

@@ -142,7 +142,7 @@ func (w *WebHook) GetSecret(ctx context.Context, ref esv1beta1.ExternalSecretDat
 		return nil, err
 	}
 	if resultJSONPath != "" {
-		jsondata := interface{}(nil)
+		jsondata := any(nil)
 		if err := json.Unmarshal(result, &jsondata); err != nil {
 			return nil, fmt.Errorf("failed to parse response json: %w", err)
 		}
@@ -156,7 +156,7 @@ func (w *WebHook) GetSecret(ctx context.Context, ref esv1beta1.ExternalSecretDat
 	return result, nil
 }
 
-// tries to extract data from an interface{}
+// tries to extract data from an any
 // it is supposed to return a single value.
 func extractSecretData(jsondata any) ([]byte, error) {
 	switch val := jsondata.(type) {

pkg/provider/yandex/certificatemanager/certificatemanager_test.go

@@ -688,7 +688,7 @@ func newYandexCertificateManagerSecretStore(apiEndpoint, namespace, authorizedKe
 	}
 }
 
-func toJSON(t *testing.T, v interface{}) []byte {
+func toJSON(t *testing.T, v any) []byte {
 	jsonBytes, err := json.Marshal(v)
 	tassert.Nil(t, err)
 	return jsonBytes

pkg/provider/yandex/lockbox/lockbox_test.go

@@ -641,7 +641,7 @@ func newYandexLockboxSecretStore(apiEndpoint, namespace, authorizedKeySecretName
 	}
 }
 
-func toJSON(t *testing.T, v interface{}) []byte {
+func toJSON(t *testing.T, v any) []byte {
 	jsonBytes, err := json.Marshal(v)
 	tassert.Nil(t, err)
 	return jsonBytes

pkg/provider/yandex/lockbox/lockboxsecretgetter.go

@@ -43,7 +43,7 @@ func (g *lockboxSecretGetter) GetSecret(ctx context.Context, iamToken, resourceI
 	}
 
 	if property == "" {
-		keyToValue := make(map[string]interface{}, len(entries))
+		keyToValue := make(map[string]any, len(entries))
 		for _, entry := range entries {
 			value, err := getValueAsIs(entry)
 			if err != nil {
@@ -82,7 +82,7 @@ func (g *lockboxSecretGetter) GetSecretMap(ctx context.Context, iamToken, resour
 	return secretMap, nil
 }
 
-func getValueAsIs(entry *lockbox.Payload_Entry) (interface{}, error) {
+func getValueAsIs(entry *lockbox.Payload_Entry) (any, error) {
 	switch entry.Value.(type) {
 	case *lockbox.Payload_Entry_TextValue:
 		return entry.GetTextValue(), nil

pkg/template/v1/template.go

@@ -135,7 +135,7 @@ func jwkPublicKeyPem(jwkjson []byte) (string, error) {
 	if err != nil {
 		return "", err
 	}
-	var rawkey interface{}
+	var rawkey any
 	err = k.Raw(&rawkey)
 	if err != nil {
 		return "", err
@@ -153,7 +153,7 @@ func jwkPrivateKeyPem(jwkjson []byte) (string, error) {
 		return "", err
 	}
 	var mpk []byte
-	var pk interface{}
+	var pk any
 	err = k.Raw(&pk)
 	if err != nil {
 		return "", err
@@ -202,8 +202,8 @@ func base64encode(in []byte) []byte {
 	return out
 }
 
-func fromJSON(in []byte) (interface{}, error) {
-	var out interface{}
+func fromJSON(in []byte) (any, error) {
+	var out any
 	err := json.Unmarshal(in, &out)
 	if err != nil {
 		return nil, fmt.Errorf(errUnmarshalJSON, err)
@@ -211,7 +211,7 @@ func fromJSON(in []byte) (interface{}, error) {
 	return out, nil
 }
 
-func toJSON(in interface{}) (string, error) {
+func toJSON(in any) (string, error) {
 	output, err := json.Marshal(in)
 	if err != nil {
 		return "", fmt.Errorf(errMarshalJSON, err)

pkg/template/v2/jwk.go

@@ -25,7 +25,7 @@ func jwkPublicKeyPem(jwkjson string) (string, error) {
 	if err != nil {
 		return "", err
 	}
-	var rawkey interface{}
+	var rawkey any
 	err = k.Raw(&rawkey)
 	if err != nil {
 		return "", err
@@ -43,7 +43,7 @@ func jwkPrivateKeyPem(jwkjson string) (string, error) {
 		return "", err
 	}
 	var mpk []byte
-	var pk interface{}
+	var pk any
 	err = k.Raw(&pk)
 	if err != nil {
 		return "", err

pkg/template/v2/pkcs12.go

@@ -58,7 +58,7 @@ func pkcs12keyPass(pass, input string) (string, error) {
 	return string(pemData), nil
 }
 
-func parsePrivateKey(block []byte) (interface{}, error) {
+func parsePrivateKey(block []byte) (any, error) {
 	if k, err := x509.ParsePKCS1PrivateKey(block); err == nil {
 		return k, nil
 	}

pkg/template/v2/yaml.go

@@ -24,7 +24,7 @@ import (
 // always return a string, even on marshal error (empty string).
 //
 // This is designed to be called from a template.
-func toYAML(v interface{}) string {
+func toYAML(v any) string {
 	data, err := yaml.Marshal(v)
 	if err != nil {
 		// Swallow errors inside of a template.
@@ -33,14 +33,14 @@ func toYAML(v interface{}) string {
 	return strings.TrimSuffix(string(data), "\n")
 }
 
-// fromYAML converts a YAML document into a map[string]interface{}.
+// fromYAML converts a YAML document into a map[string]any.
 //
 // This is not a general-purpose YAML parser, and will not parse all valid
 // YAML documents. Additionally, because its intended use is within templates
 // it tolerates errors. It will insert the returned error message string into
 // m["Error"] in the returned map.
-func fromYAML(str string) map[string]interface{} {
-	m := map[string]interface{}{}
+func fromYAML(str string) map[string]any {
+	m := map[string]any{}
 
 	if err := yaml.Unmarshal([]byte(str), &m); err != nil {
 		m["Error"] = err.Error()

pkg/utils/utils.go

@@ -50,7 +50,7 @@ var (
 )
 
 // JSONMarshal takes an interface and returns a new escaped and encoded byte slice.
-func JSONMarshal(t interface{}) ([]byte, error) {
+func JSONMarshal(t any) ([]byte, error) {
 	buffer := &bytes.Buffer{}
 	encoder := json.NewEncoder(buffer)
 	encoder.SetEscapeHTML(false)
@@ -293,18 +293,18 @@ var (
 	ErrSecretType    = errors.New("can not handle secret value with type")
 )
 
-func GetByteValueFromMap(data map[string]interface{}, key string) ([]byte, error) {
+func GetByteValueFromMap(data map[string]any, key string) ([]byte, error) {
 	v, ok := data[key]
 	if !ok {
 		return nil, fmt.Errorf("%w: %s", ErrUnexpectedKey, key)
 	}
 	return GetByteValue(v)
 }
-func GetByteValue(v interface{}) ([]byte, error) {
+func GetByteValue(v any) ([]byte, error) {
 	switch t := v.(type) {
 	case string:
 		return []byte(t), nil
-	case map[string]interface{}:
+	case map[string]any:
 		return json.Marshal(t)
 	case []string:
 		return []byte(strings.Join(t, "\n")), nil
@@ -317,7 +317,7 @@ func GetByteValue(v interface{}) ([]byte, error) {
 		return []byte(strconv.FormatFloat(t, 'f', -1, 64)), nil
 	case json.Number:
 		return []byte(t.String()), nil
-	case []interface{}:
+	case []any:
 		return json.Marshal(t)
 	case bool:
 		return []byte(strconv.FormatBool(t)), nil
@@ -329,7 +329,7 @@ func GetByteValue(v interface{}) ([]byte, error) {
 }
 
 // IsNil checks if an Interface is nil.
-func IsNil(i interface{}) bool {
+func IsNil(i any) bool {
 	if i == nil {
 		return true
 	}
@@ -343,7 +343,7 @@ func IsNil(i interface{}) bool {
 // ObjectHash calculates md5 sum of the data contained in the secret.
 //
 //nolint:gosec
-func ObjectHash(object interface{}) string {
+func ObjectHash(object any) string {
 	textualVersion := fmt.Sprintf("%+v", object)
 	return fmt.Sprintf("%x", md5.Sum([]byte(textualVersion)))
 }
@@ -451,7 +451,7 @@ func Ptr[T any](i T) *T {
 	return &i
 }
 
-func ConvertToType[T any](obj interface{}) (T, error) {
+func ConvertToType[T any](obj any) (T, error) {
 	var v T
 
 	data, err := json.Marshal(obj)

pkg/utils/utils_test.go

@@ -40,7 +40,7 @@ const (
 func TestObjectHash(t *testing.T) {
 	tests := []struct {
 		name  string
-		input interface{}
+		input any
 		want  string
 	}{
 		{
@@ -81,7 +81,7 @@ func TestObjectHash(t *testing.T) {
 func TestIsNil(t *testing.T) {
 	tbl := []struct {
 		name string
-		val  interface{}
+		val  any
 		exp  bool
 	}{
 		{
@@ -747,7 +747,7 @@ func TestFetchValueFromMetadata(t *testing.T) {
 
 func TestGetByteValue(t *testing.T) {
 	type args struct {
-		data interface{}
+		data any
 	}
 	type testCase struct {
 		name    string
@@ -765,9 +765,9 @@ func TestGetByteValue(t *testing.T) {
 			wantErr: false,
 		},
 		{
-			name: "map of interface{}",
+			name: "map of any",
 			args: args{
-				data: map[string]interface{}{
+				data: map[string]any{
 					"key": "value",
 				},
 			},
@@ -807,9 +807,9 @@ func TestGetByteValue(t *testing.T) {
 			wantErr: false,
 		},
 		{
-			name: "slice of interface{}",
+			name: "slice of any",
 			args: args{
-				data: []interface{}{"value1", "value2"},
+				data: []any{"value1", "value2"},
 			},
 			want:    []byte(`["value1","value2"]`),
 			wantErr: false,