diff --git a/pkg/controller/certificates/trigger/policies/policies.go b/pkg/controller/certificates/trigger/policies/policies.go
index 7a8562dc7..1d10a5217 100644
--- a/pkg/controller/certificates/trigger/policies/policies.go
+++ b/pkg/controller/certificates/trigger/policies/policies.go
@@ -194,15 +194,17 @@ func currentSecretValidForSpec(input Input) (string, string, bool) {
 	return "", "", false
 }
-// CurrentCertificateNearingExpiry returns a policy function that can be used to check whether
-// an x509 cert currently issued for a Certificate should be renewed
+// CurrentCertificateNearingExpiry returns a policy function that can be used to
+// check whether an X.509 cert currently issued for a Certificate should be
+// renewed.
 func CurrentCertificateNearingExpiry(c clock.Clock, defaultRenewBeforeExpiryDuration time.Duration) Func {
 	return func(input Input) (string, string, bool) {
-		// Determine if certificate is nearing expiry solely by looking at the actual cert if it exists
-		// We assume that at this point we have called policy functions that check that
-		// input.Secret and input.Secret.Data exists (SecretDoesNotExist and SecretHasData)
+		// Determine if the certificate is nearing expiry solely by looking at
+		// the actual cert if it exists. We assume that at this point we have
+		// called policy functions that check that input.Secret and
+		// input.Secret.Data exists (SecretDoesNotExist and SecretHasData).
 		x509cert, err := pki.DecodeX509CertificateBytes(input.Secret.Data[corev1.TLSCertKey])
 		if err != nil {
 			// This case should never happen as it should always be caught by the
diff --git a/test/integration/certificates/trigger_controller_test.go b/test/integration/certificates/trigger_controller_test.go
index ae35ce59c..d2e32046d 100644
--- a/test/integration/certificates/trigger_controller_test.go
+++ b/test/integration/certificates/trigger_controller_test.go
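Review bot: The reworded comment still states a precondition the closure does not enforce: `input.Secret.Data[corev1.TLSCertKey]` dereferences `input.Secret`, so a chain that omits SecretDoesNotExist/SecretHasData (the integration test in this same commit builds a single-policy chain from this function) would panic on a missing Secret instead of returning a policy result. A guard before the decode keeps the documented assumption harmless, e.g. `if input.Secret == nil || input.Secret.Data == nil { return "", "", false }`, with the reason/message values chosen to match how the rest of the chain reports a missing Secret, which is outside this hunk. The returned closure continues past the end of the hunk, so I cannot see whether a later line already covers this.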
@@ -124,8 +124,9 @@ func TestTriggerController_RenewNearExpiry(t *testing.T) {
 	defaultRenewBefore := time.Hour * 24
 	fakeClock := &fakeclock.FakeClock{}
-	// only use the 'current certificate nearing expiry' policy chain during the test
-	// as we want to test the very specific cases of triggering/not triggering depending on whether a renewal is required
+	// Only use the 'current certificate nearing expiry' policy chain during the
+	// test as we want to test the very specific cases of triggering/not
+	// triggering depending on whether a renewal is required.
 	policyChain := policies.Chain{policies.CurrentCertificateNearingExpiry(fakeClock, defaultRenewBefore)}
 	// Build, instantiate and run the trigger controller.
 	kubeClient, factory, cmCl, cmFactory := framework.NewClients(t, config)
@@ -157,15 +158,15 @@ func TestTriggerController_RenewNearExpiry(t *testing.T) {
 		},
 	}
-	// Create a private key for x509 cert
+	// Create a private key for X.509 cert
 	sk, err := utilpki.GenerateRSAPrivateKey(2048)
 	if err != nil {
 		t.Fatal(err)
 	}
 	skBytes := utilpki.EncodePKCS1PrivateKey(sk)
-	// Create an x509 cert
+	// Create an X.509 cert
 	x509CertBytes := selfSignCertificateWithNotBeforeAfter(t, skBytes, cert, notBefore.Time, notAfter.Time)
-	// Create a Secret with the x509 cert
+	// Create a Secret with the X.509 cert
 	_, err = kubeClient.CoreV1().Secrets(namespace).Create(ctx, &corev1.Secret{
 		ObjectMeta: metav1.ObjectMeta{
 			Name: secretName,
@@ -200,21 +201,24 @@ func TestTriggerController_RenewNearExpiry(t *testing.T) {
 		t.Fatal(err)
 	}
-	// 1. Test that Certificate's Issuing condition is not set to True when the x509 cert is not approaching expiry
+	// 1. Test that the Certificate's Issuing condition is not set to True when the
+	// X.509 cert is not approaching expiry.
 	// Wait for 2s, polling every 200ms to ensure that the controller does not set
 	// the condition.
 	t.Log("Ensuring Certificate does not have Issuing condition for 2s...")
 	ensureCertificateDoesNotHaveIssuingCondition(ctx, t, cmCl, namespace, certName)
-	// 2. Test that a Certificate does get the Issuing status condition set to True when the x509 cert is nearing expiry
+	// 2. Test that a Certificate does get the Issuing status condition set to
+	// True when the X.509 cert is nearing expiry.
 	t.Log("Advancing the clock forward to renewal time")
-	// advance the clock to a millisecond after renewal time
+	// Advance the clock to a millisecond after renewal time.
 	// fakeclock implementation uses .After when checking whether to trigger timers.
 	// renewalTime = notAfter - renewBefore
 	renewalTime := notAfter.Add(renewBefore.Duration * -1)
 	fakeClock.SetTime(renewalTime.Add(time.Millisecond * 2))
-	// Certificate's status.RenewalTime does not determine renewal, but we need to update some field to trigger a reconcile
+	// Certificate's status.RenewalTime does not determine renewal, but we need to
+	// update some field to trigger a reconcile.
 	someRenewalTime := metav1.NewTime(now)
 	cert.Status.RenewalTime = &someRenewalTime
 	cert, err = cmCl.CertmanagerV1().Certificates(namespace).UpdateStatus(ctx, cert, metav1.UpdateOptions{})
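Review bot: The reworded comment `// Advance the clock to a millisecond after renewal time.` does not match the line it describes, `fakeClock.SetTime(renewalTime.Add(time.Millisecond * 2))`, which advances by two milliseconds; since the commit is touching exactly this comment it should read `// Advance the clock to two milliseconds after renewal time.` (or the code should use `time.Millisecond` if one was intended — the following note about fakeclock's `.After` suggests any strictly later instant works, but I cannot confirm why 2 was chosen). While here, `notAfter.Add(renewBefore.Duration * -1)` reads more naturally as `notAfter.Add(-renewBefore.Duration)`. TestTriggerController_RenewNearExpiry begins before this hunk and continues after it.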