Fix modernize linter errors

[inteon]

@erikgb found this really cool new linter modernize.

I tried my best to fix all issues it found.

[inteon]

The spec probably should not have been optional.

[erikgb]

I agree that we should do this, but it's technically a breaking change.

[inteon]

That should not be an issue imo, a CertificateRequestPolicy without Spec should have resulted in an error before too.

[inteon]

@erikgb I believe in the marshalled object, it would be cleaner to not have a status field if it is empty.

[inteon]

(same as https://github.com/cert-manager/trust-manager/blob/7a2fd4b292a3a9e05c8e2f771e3c007b6b4329a4/pkg/apis/trustmanager/v1alpha2/types_cluster_bundle.go#L49)

[erikgb]

Yes, I agree.

[inteon]

In this KEP: https://github.com/kubernetes/enhancements/tree/master/keps/sig-api-machinery/2335-vanilla-crd-openapi-subset-structural-schemas#metadata, it looks like the metadata field is not required.

I think it is fine to always have this field in the marshalled resource.

[erikgb]

/approve

And a soft LGTM. Just a question on what looks like an unintentional change.

@inteon, can you please review cert-manager/makefile-modules#468 and cert-manager/makefile-modules#467? I believe it will make the adoption of this new linter a lot more effective.

[erikgb]

I agree that we should do this, but it's technically a breaking change.

[erikgb]

Yes, I agree.

[erikgb]

Suggested change

Unintentional change?

[inteon]

what is unintentional? the extra newline?

[erikgb]

Yes, why?

[inteon]

Ok, thanks, just verifying. I think it is OK.

[cert-manager-prow]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: erikgb

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [erikgb]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[Copilot]

Pull Request Overview

This PR modernizes the codebase by enabling the modernize linter and applying its recommendations. The changes replace deprecated Go patterns with their modern equivalents, improving code clarity and consistency with current Go best practices.

Key changes:

• Replaced manual loop-based slice searches with slices.Contains
• Updated interface{} to use the modern any type alias
• Migrated from reflect.TypeOf() to the more efficient reflect.TypeFor[]()
• Updated CRD JSON tags and added required field validation

Reviewed Changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
pkg/internal/webhook/validator.go	Simplified plugin name validation using slices.Contains
pkg/internal/approver/validation/validator.go	Replaced interface{} with any in variable declaration
pkg/internal/approver/validation/serviceaccount.go	Updated CEL interface methods to use any and reflect.TypeFor[]()
pkg/internal/approver/constraints/evaluator.go	Updated function signature to use any instead of interface{}
pkg/apis/policy/v1alpha1/types_certificaterequestpolicy.go	Updated JSON tags and added field markers for proper API validation
deploy/crds/policy.cert-manager.io_certificaterequestpolicies.yaml	Added required field validation for spec field
deploy/charts/approver-policy/templates/crd-policy.cert-manager.io_certificaterequestpolicies.yaml	Added required field validation for spec field
.golangci.yaml	Removed exclusion rule that disabled the modernize linter

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[erikgb]

This looks sane to me! Thanks @inteon!

/lgtm