diff --git a/.golangci.yml b/.golangci.yml
index cb31c450..03184c8e 100644
--- a/.golangci.yml
+++ b/.golangci.yml
@@ -26,7 +26,6 @@ linters-settings:
   nakedret:
     # Make an issue if func has more lines of code than this setting, and it has naked returns.
     max-func-lines: 50
-
 linters:
   enable-all: true
   disable:
diff --git a/Makefile b/Makefile
index e1cf8622..8362eb5f 100644
--- a/Makefile
+++ b/Makefile
@@ -311,7 +311,7 @@ golangci-lint: ## Download golangci-lint locally if necessary.
 # Linting code as PR is expecting
 .PHONY: golint
 golint: golangci-lint
-	$(GOLANGCI_LINT) run --fix -c .golangci.yml
+	$(GOLANGCI_LINT) run -c .golangci.yml
 
 # Running e2e tests in a KinD instance
 .PHONY: e2e
diff --git a/controllers/rbac/manager.go b/controllers/rbac/manager.go
index 3790c8cc..21dff413 100644
--- a/controllers/rbac/manager.go
+++ b/controllers/rbac/manager.go
@@ -44,6 +44,7 @@ func (r *Manager) SetupWithManager(_ context.Context, mgr ctrl.Manager, configur
 	crbErr := ctrl.NewControllerManagedBy(mgr).
 		For(&rbacv1.ClusterRoleBinding{}, namesPredicate).
 		Watches(&capsulev1beta2.CapsuleConfiguration{}, handler.Funcs{
+			//nolint:revive
 			UpdateFunc: func(ctx context.Context, updateEvent event.UpdateEvent, limitingInterface workqueue.RateLimitingInterface) {
 				if updateEvent.ObjectNew.GetName() == configurationName {
 					if crbErr := r.EnsureClusterRoleBindings(ctx); crbErr != nil {
diff --git a/controllers/tenant/namespaces.go b/controllers/tenant/namespaces.go
index 8cb5a596..b412dca7 100644
--- a/controllers/tenant/namespaces.go
+++ b/controllers/tenant/namespaces.go
@@ -171,6 +171,7 @@ func (r *Manager) collectNamespaces(ctx context.Context, tenant *capsulev1beta2.
 		err = r.Client.List(ctx, list, client.MatchingFieldsSelector{
 			Selector: fields.OneTermEqualSelector(".metadata.ownerReferences[*].capsule", tenant.GetName()),
 		})
+
 		if err != nil {
 			return err
 		}
diff --git a/controllers/tls/manager.go b/controllers/tls/manager.go
index cac0c024..d83e4e2a 100644
--- a/controllers/tls/manager.go
+++ b/controllers/tls/manager.go
@@ -256,6 +256,7 @@ func (r Reconciler) updateValidatingWebhookConfiguration(ctx context.Context, ca
 	return retry.RetryOnConflict(retry.DefaultBackoff, func() (err error) {
 		vw := &admissionregistrationv1.ValidatingWebhookConfiguration{}
 		err = r.Get(ctx, types.NamespacedName{Name: r.Configuration.ValidatingWebhookConfigurationName()}, vw)
+
 		if err != nil {
 			r.Log.Error(err, "cannot retrieve ValidatingWebhookConfiguration")
 
@@ -277,6 +278,7 @@ func (r Reconciler) updateValidatingWebhookConfiguration(ctx context.Context, ca
 func (r Reconciler) updateMutatingWebhookConfiguration(ctx context.Context, caBundle []byte) error {
 	return retry.RetryOnConflict(retry.DefaultBackoff, func() (err error) {
 		mw := &admissionregistrationv1.MutatingWebhookConfiguration{}
+
 		err = r.Get(ctx, types.NamespacedName{Name: r.Configuration.MutatingWebhookConfigurationName()}, mw)
 		if err != nil {
 			r.Log.Error(err, "cannot retrieve MutatingWebhookConfiguration")
diff --git a/pkg/cert/ca.go b/pkg/cert/ca.go
index c66ca741..67a98e69 100644
--- a/pkg/cert/ca.go
+++ b/pkg/cert/ca.go
@@ -31,6 +31,7 @@ type CapsuleCA struct {
 
 func (c CapsuleCA) CACertificatePem() (b *bytes.Buffer, err error) {
 	var crtBytes []byte
+
 	crtBytes, err = x509.CreateCertificate(rand.Reader, c.certificate, c.certificate, &c.key.PublicKey, c.key)
 	if err != nil {
 		return
@@ -146,6 +147,7 @@ func NewCertificateAuthorityFromBytes(certBytes, keyBytes []byte) (*CapsuleCA, e
 //nolint:nakedret
 func (c *CapsuleCA) GenerateCertificate(opts CertificateOptions) (certificatePem *bytes.Buffer, certificateKey *bytes.Buffer, err error) {
 	var certPrivKey *rsa.PrivateKey
+
 	certPrivKey, err = rsa.GenerateKey(rand.Reader, 4096)
 	if err != nil {
 		return nil, nil, err
@@ -170,6 +172,7 @@ func (c *CapsuleCA) GenerateCertificate(opts CertificateOptions) (certificatePem
 	}
 
 	var certBytes []byte
+
 	certBytes, err = x509.CreateCertificate(rand.Reader, cert, c.certificate, &certPrivKey.PublicKey, c.key)
 	if err != nil {
 		return nil, nil, err
@@ -180,6 +183,7 @@ func (c *CapsuleCA) GenerateCertificate(opts CertificateOptions) (certificatePem
 		Type:  "CERTIFICATE",
 		Bytes: certBytes,
 	})
+
 	if err != nil {
 		return
 	}