diff --git a/.github/create_bundle.sh b/.github/create_bundle.sh
index 28c8c981b..e3dfc3da4 100755
--- a/.github/create_bundle.sh
+++ b/.github/create_bundle.sh
@@ -34,32 +34,32 @@ cat "${CLUSTER_BUNDLE_FILE}" | grep "image:"
 # error will be reported to the console.
 set +e
 for csv_image in $(cat "${CLUSTER_BUNDLE_FILE}" | grep "image:" | sed -e "s|.*image:||" | sort -u); do
-  digest_image=""
-  echo "CSV line: ${csv_image}"
+    digest_image=""
+    echo "CSV line: ${csv_image}"
 
-  # case where @ is in the csv_image image
-  if [[ "$csv_image" =~ .*"@".* ]]; then
-    delimeter='@'
-  else
-    delimeter=':'
-  fi
+    # case where @ is in the csv_image image
+    if [[ "$csv_image" =~ .*"@".* ]]; then
+        delimeter='@'
+    else
+        delimeter=':'
+    fi
 
-  base_image=$(echo $csv_image | cut -f 1 -d${delimeter})
-  tag_image=$(echo $csv_image | cut -f 2 -d${delimeter})
+    base_image=$(echo $csv_image | cut -f 1 -d${delimeter})
+    tag_image=$(echo $csv_image | cut -f 2 -d${delimeter})
 
-  if [[ "$base_image:$tag_image" == "controller:latest" ]]; then
-    echo "$base_image:$tag_image becomes $OPERATOR_IMG_WITH_DIGEST"
-    sed -e "s|$base_image:$tag_image|$OPERATOR_IMG_WITH_DIGEST|g" -i "${CLUSTER_BUNDLE_FILE}"
-  else
-    digest_image=$(skopeo inspect docker://${base_image}${delimeter}${tag_image} | jq '.Digest' -r)
-    echo "Base image: $base_image"
-    if [ -n "$digest_image" ]; then
-      echo "$base_image${delimeter}$tag_image becomes $base_image@$digest_image"
-      sed -i "s|$base_image$delimeter$tag_image|$base_image@$digest_image|g" "${CLUSTER_BUNDLE_FILE}"
+    if [[ "$base_image:$tag_image" == "controller:latest" ]]; then
+        echo "$base_image:$tag_image becomes $OPERATOR_IMG_WITH_DIGEST"
+        sed -e "s|$base_image:$tag_image|$OPERATOR_IMG_WITH_DIGEST|g" -i "${CLUSTER_BUNDLE_FILE}"
     else
-      echo "$base_image${delimeter}$tag_image not changed"
+        digest_image=$(skopeo inspect docker://${base_image}${delimeter}${tag_image} | jq '.Digest' -r)
+        echo "Base image: $base_image"
+        if [ -n "$digest_image" ]; then
+            echo "$base_image${delimeter}$tag_image becomes $base_image@$digest_image"
+            sed -i "s|$base_image$delimeter$tag_image|$base_image@$digest_image|g" "${CLUSTER_BUNDLE_FILE}"
+        else
+            echo "$base_image${delimeter}$tag_image not changed"
+        fi
     fi
-  fi
 done
 
 echo "Resulting bundle file images:"
diff --git a/.golangci.yaml b/.golangci.yaml
new file mode 100644
index 000000000..586bb3433
--- /dev/null
+++ b/.golangci.yaml
@@ -0,0 +1,7 @@
+linters:
+  # Enable specific linter
+  # https://golangci-lint.run/usage/linters/#enabled-by-default
+  enable:
+    errorlint
+run:
+  timeout: 5m
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index be132eea0..063bb5276 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,6 +1,37 @@
 repos:
 - repo: local
   hooks:
+    - id: golangci-lint
+      name: golangci-lint
+      language: golang
+      types: [go]
+      entry: make
+      args: ["golangci-lint"]
+      pass_filenames: false
+    - id: gofmt
+      name: gofmt
+      language: system
+      entry: make
+      args: ["fmt"]
+      pass_filenames: false
+    - id: golint
+      name: golint
+      language: system
+      entry: make
+      args: ["golint"]
+      pass_filenames: false
+    - id: govet
+      name: govet
+      language: system
+      entry: make
+      args: ["vet"]
+      pass_filenames: false
+    - id: gotidy
+      name: gotidy
+      language: system
+      entry: make
+      args: ["tidy"]
+      pass_filenames: false
     - id: make-manifests
       name: make-manifests
       language: system
@@ -20,17 +51,8 @@ repos:
       args: ['operator-lint']
       pass_filenames: false
 
-- repo: https://github.com/dnephin/pre-commit-golang
-  rev: v0.5.1
-  hooks:
-    - id: go-fmt
-      exclude: ^vendor
-    - id: go-vet
-    - id: go-mod-tidy
-    - id: go-lint
-
 - repo: https://github.com/pre-commit/pre-commit-hooks
-  rev: v4.3.0
+  rev: v4.4.0
   hooks:
     - id: check-added-large-files
     - id: fix-byte-order-marker
@@ -51,3 +73,9 @@ repos:
     - id: no-commit-to-branch
     - id: trailing-whitespace
       exclude: ^vendor
+
+- repo: https://github.com/openstack/bashate.git
+  rev: 2.1.1
+  hooks:
+    - id: bashate
+      entry: bashate --error . --ignore=E006,E040,E011,E020,E012
diff --git a/Makefile b/Makefile
index 19d9474c9..285350c4e 100644
--- a/Makefile
+++ b/Makefile
@@ -89,7 +89,7 @@ help: ## Display this help.
 ##@ Development
 
 .PHONY: manifests
-manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects.
+manifests: gowork controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects.
 	$(CONTROLLER_GEN) rbac:roleName=manager-role crd$(CRDDESC_OVERRIDE) webhook paths="./..." output:crd:artifacts:config=config/crd/bases && \
     rm -f apis/bases/* && cp -a config/crd/bases apis/
 
@@ -106,6 +106,18 @@ vet: gowork ## Run go vet against code.
 	go vet ./...
 	go vet ./apis/...
 
+.PHONY: tidy
+tidy: fmt
+	go mod tidy; \
+	pushd "$(LOCALBIN)/../apis"; \
+	go mod tidy; \
+	popd
+
+.PHONY: golangci-lint
+golangci-lint:
+	test -s $(LOCALBIN)/golangci-lint || curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s v1.51.2
+	$(LOCALBIN)/golangci-lint run --fix
+
 .PHONY: test
 test: manifests generate fmt vet envtest ## Run tests.
 	KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) --bin-dir $(LOCALBIN) -p path)" go test ./... -coverprofile cover.out
diff --git a/hack/configure_local_webhook.sh b/hack/configure_local_webhook.sh
index f67c31cb3..faa9f6e02 100755
--- a/hack/configure_local_webhook.sh
+++ b/hack/configure_local_webhook.sh
@@ -11,16 +11,16 @@ sudo firewall-cmd --runtime-to-permanent
 
 # Generate the certs and the ca bundle
 if [ "$SKIP_CERT" = false ] ; then
-  mkdir -p ${TMPDIR}
-  rm -rf ${TMPDIR}/* || true
+    mkdir -p ${TMPDIR}
+    rm -rf ${TMPDIR}/* || true
 
-  openssl req -newkey rsa:2048 -days 3650 -nodes -x509 \
+    openssl req -newkey rsa:2048 -days 3650 -nodes -x509 \
     -subj "/CN=${HOSTNAME}" \
     -addext "subjectAltName = IP:${CRC_IP}" \
     -keyout ${TMPDIR}/tls.key \
     -out ${TMPDIR}/tls.crt
 
-  cat ${TMPDIR}/tls.crt ${TMPDIR}/tls.key | base64 -w 0 > ${TMPDIR}/bundle.pem
+    cat ${TMPDIR}/tls.crt ${TMPDIR}/tls.key | base64 -w 0 > ${TMPDIR}/bundle.pem
 
 fi
 
diff --git a/hack/pin-custom-bundle-dockerfile.sh b/hack/pin-custom-bundle-dockerfile.sh
index 7de1dcf13..a8fc337dc 100755
--- a/hack/pin-custom-bundle-dockerfile.sh
+++ b/hack/pin-custom-bundle-dockerfile.sh
@@ -10,27 +10,27 @@ cp custom-bundle.Dockerfile custom-bundle.Dockerfile.pinned
 
 #loop over each openstack-k8s-operators go.mod entry
 for MOD_PATH in $(go list -m -json all | jq -r '. | select(.Path | contains("openstack")) | .Replace // . |.Path' | grep -v openstack-operator | grep -v lib-common); do
-  if [[ "$MOD_PATH" == "./apis" ]]; then
-    continue
-  fi
-  MOD_VERSION=$(go list -m -json all | jq -r ". | select(.Path | contains(\"openstack\")) | .Replace // . | select( .Path == \"$MOD_PATH\") | .Version")
+    if [[ "$MOD_PATH" == "./apis" ]]; then
+        continue
+    fi
+    MOD_VERSION=$(go list -m -json all | jq -r ". | select(.Path | contains(\"openstack\")) | .Replace // . | select( .Path == \"$MOD_PATH\") | .Version")
 
-  BASE=$(echo $MOD_PATH | sed -e 's|github.com/.*/\(.*\)-operator/.*|\1|')
+    BASE=$(echo $MOD_PATH | sed -e 's|github.com/.*/\(.*\)-operator/.*|\1|')
 
-  REF=$(echo $MOD_VERSION | sed -e 's|v0.0.0-[0-9]*-\(.*\)$|\1|')
-  GITHUB_USER=$(echo $MOD_PATH | sed -e 's|github.com/\(.*\)/.*-operator/.*$|\1|')
-  REPO_CURL_URL="https://quay.io/api/v1/repository/openstack-k8s-operators"
-  REPO_URL="quay.io/openstack-k8s-operators"
-  if [[ "$GITHUB_USER" != "openstack-k8s-operators" || "$BASE" == "$IMAGEBASE" ]]; then
-      if [[ "$IMAGENAMESPACE" != "openstack-k8s-operators" || "${IMAGEREGISTRY}" != "quay.io" ]]; then
-          REPO_CURL_URL="https://${IMAGEREGISTRY}/api/v1/repository/${IMAGENAMESPACE}"
-          REPO_URL="${IMAGEREGISTRY}/${IMAGENAMESPACE}"
-      else
-          REPO_CURL_URL="https://quay.io/api/v1/repository/${GITHUB_USER}"
-          REPO_URL="quay.io/${GITHUB_USER}"
-      fi
-  fi
+    REF=$(echo $MOD_VERSION | sed -e 's|v0.0.0-[0-9]*-\(.*\)$|\1|')
+    GITHUB_USER=$(echo $MOD_PATH | sed -e 's|github.com/\(.*\)/.*-operator/.*$|\1|')
+    REPO_CURL_URL="https://quay.io/api/v1/repository/openstack-k8s-operators"
+    REPO_URL="quay.io/openstack-k8s-operators"
+    if [[ "$GITHUB_USER" != "openstack-k8s-operators" || "$BASE" == "$IMAGEBASE" ]]; then
+        if [[ "$IMAGENAMESPACE" != "openstack-k8s-operators" || "${IMAGEREGISTRY}" != "quay.io" ]]; then
+            REPO_CURL_URL="https://${IMAGEREGISTRY}/api/v1/repository/${IMAGENAMESPACE}"
+            REPO_URL="${IMAGEREGISTRY}/${IMAGENAMESPACE}"
+        else
+            REPO_CURL_URL="https://quay.io/api/v1/repository/${GITHUB_USER}"
+            REPO_URL="quay.io/${GITHUB_USER}"
+        fi
+    fi
 
-  SHA=$(curl -s ${REPO_CURL_URL}/$BASE-operator-bundle/tag/ | jq -r .tags[].name | sort -u | grep $REF)
-  sed -i custom-bundle.Dockerfile.pinned -e "s|quay.io/openstack-k8s-operators/${BASE}-operator-bundle.*|${REPO_URL}/${BASE}-operator-bundle:$SHA|"
+    SHA=$(curl -s ${REPO_CURL_URL}/$BASE-operator-bundle/tag/ | jq -r .tags[].name | sort -u | grep $REF)
+    sed -i custom-bundle.Dockerfile.pinned -e "s|quay.io/openstack-k8s-operators/${BASE}-operator-bundle.*|${REPO_URL}/${BASE}-operator-bundle:$SHA|"
 done