diff --git a/api/v1beta2/authpolicy_types.go b/api/v1beta2/authpolicy_types.go
index 8e9db87e7..3c20ca483 100644
--- a/api/v1beta2/authpolicy_types.go
+++ b/api/v1beta2/authpolicy_types.go
@@ -15,6 +15,11 @@ import (
 	"github.com/kuadrant/kuadrant-operator/pkg/common"
 )
 
+const (
+	AuthPolicyBackReferenceAnnotationName   = "kuadrant.io/authpolicies"
+	AuthPolicyDirectReferenceAnnotationName = "kuadrant.io/authpolicy"
+)
+
 type AuthSchemeSpec struct {
 	// Authentication configs.
 	// At least one config MUST evaluate to a valid identity object for the auth request to be successful.
@@ -286,11 +291,11 @@ func (ap *AuthPolicy) Kind() string {
 }
 
 func (ap *AuthPolicy) BackReferenceAnnotationName() string {
-	return "kuadrant.io/authpolicies"
+	return AuthPolicyBackReferenceAnnotationName
 }
 
 func (ap *AuthPolicy) DirectReferenceAnnotationName() string {
-	return "kuadrant.io/authpolicy"
+	return AuthPolicyDirectReferenceAnnotationName
 }
 
 //+kubebuilder:object:root=true
diff --git a/api/v1beta2/ratelimitpolicy_types.go b/api/v1beta2/ratelimitpolicy_types.go
index 29e524d14..8772eb834 100644
--- a/api/v1beta2/ratelimitpolicy_types.go
+++ b/api/v1beta2/ratelimitpolicy_types.go
@@ -52,6 +52,9 @@ const (
 	IncludeOperator    WhenConditionOperator = "incl"
 	ExcludeOperator    WhenConditionOperator = "excl"
 	MatchesOperator    WhenConditionOperator = "matches"
+
+	RateLimitPolicyBackReferenceAnnotationName   = "kuadrant.io/ratelimitpolicies"
+	RateLimitPolicyDirectReferenceAnnotationName = "kuadrant.io/ratelimitpolicy"
 )
 
 // +kubebuilder:validation:Enum:=second;minute;hour;day
@@ -249,11 +252,11 @@ func (r *RateLimitPolicy) Kind() string {
 }
 
 func (r *RateLimitPolicy) BackReferenceAnnotationName() string {
-	return "kuadrant.io/ratelimitpolicies"
+	return RateLimitPolicyBackReferenceAnnotationName
 }
 
 func (r *RateLimitPolicy) DirectReferenceAnnotationName() string {
-	return "kuadrant.io/ratelimitpolicy"
+	return RateLimitPolicyDirectReferenceAnnotationName
 }
 
 func init() {
diff --git a/controllers/authpolicy_controller.go b/controllers/authpolicy_controller.go
index b7c62c5a8..c8cd50653 100644
--- a/controllers/authpolicy_controller.go
+++ b/controllers/authpolicy_controller.go
@@ -16,7 +16,7 @@ import (
 	authorinoapi "github.com/kuadrant/authorino/api/v1beta2"
 	api "github.com/kuadrant/kuadrant-operator/api/v1beta2"
 	"github.com/kuadrant/kuadrant-operator/pkg/library/mappers"
-	reconcilers2 "github.com/kuadrant/kuadrant-operator/pkg/library/reconcilers"
+	reconcilerutils "github.com/kuadrant/kuadrant-operator/pkg/library/reconcilers"
 	"github.com/kuadrant/kuadrant-operator/pkg/library/utils"
 	"github.com/kuadrant/kuadrant-operator/pkg/reconcilers"
 )
@@ -26,7 +26,7 @@ const authPolicyFinalizer = "authpolicy.kuadrant.io/finalizer"
 // AuthPolicyReconciler reconciles a AuthPolicy object
 type AuthPolicyReconciler struct {
 	*reconcilers.BaseReconciler
-	TargetRefReconciler reconcilers2.TargetRefReconciler
+	TargetRefReconciler reconcilerutils.TargetRefReconciler
 }
 
 //+kubebuilder:rbac:groups=kuadrant.io,resources=authpolicies,verbs=get;list;watch;create;update;patch;delete
@@ -62,7 +62,7 @@ func (r *AuthPolicyReconciler) Reconcile(eventCtx context.Context, req ctrl.Requ
 	markedForDeletion := ap.GetDeletionTimestamp() != nil
 
 	// fetch the target network object
-	targetNetworkObject, err := reconcilers2.FetchTargetRefObject(ctx, r.Client(), ap.GetTargetRef(), ap.Namespace)
+	targetNetworkObject, err := reconcilerutils.FetchTargetRefObject(ctx, r.Client(), ap.GetTargetRef(), ap.Namespace)
 	if err != nil {
 		if !markedForDeletion {
 			if apierrors.IsNotFound(err) {
@@ -153,7 +153,7 @@ func (r *AuthPolicyReconciler) reconcileResources(ctx context.Context, ap *api.A
 	}
 
 	// reconcile based on gateway diffs
-	gatewayDiffObj, err := reconcilers2.ComputeGatewayDiffs(ctx, r.Client(), ap, targetNetworkObject)
+	gatewayDiffObj, err := reconcilerutils.ComputeGatewayDiffs(ctx, r.Client(), ap, targetNetworkObject)
 	if err != nil {
 		return err
 	}
@@ -177,7 +177,7 @@ func (r *AuthPolicyReconciler) reconcileResources(ctx context.Context, ap *api.A
 
 func (r *AuthPolicyReconciler) deleteResources(ctx context.Context, ap *api.AuthPolicy, targetNetworkObject client.Object) error {
 	// delete based on gateway diffs
-	gatewayDiffObj, err := reconcilers2.ComputeGatewayDiffs(ctx, r.Client(), ap, targetNetworkObject)
+	gatewayDiffObj, err := reconcilerutils.ComputeGatewayDiffs(ctx, r.Client(), ap, targetNetworkObject)
 	if err != nil {
 		return err
 	}
diff --git a/controllers/ratelimitpolicy_controller.go b/controllers/ratelimitpolicy_controller.go
index edb352819..0dad87dae 100644
--- a/controllers/ratelimitpolicy_controller.go
+++ b/controllers/ratelimitpolicy_controller.go
@@ -22,7 +22,7 @@ import (
 
 	"github.com/go-logr/logr"
 	"github.com/kuadrant/kuadrant-operator/pkg/library/mappers"
-	reconcilers2 "github.com/kuadrant/kuadrant-operator/pkg/library/reconcilers"
+	reconcilerutils "github.com/kuadrant/kuadrant-operator/pkg/library/reconcilers"
 	"github.com/kuadrant/kuadrant-operator/pkg/library/utils"
 	"github.com/kuadrant/kuadrant-operator/pkg/reconcilers"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
@@ -41,7 +41,7 @@ const rateLimitPolicyFinalizer = "ratelimitpolicy.kuadrant.io/finalizer"
 // RateLimitPolicyReconciler reconciles a RateLimitPolicy object
 type RateLimitPolicyReconciler struct {
 	*reconcilers.BaseReconciler
-	TargetRefReconciler reconcilers2.TargetRefReconciler
+	TargetRefReconciler reconcilerutils.TargetRefReconciler
 }
 
 //+kubebuilder:rbac:groups=kuadrant.io,resources=ratelimitpolicies,verbs=get;list;watch;create;update;patch;delete
@@ -88,7 +88,7 @@ func (r *RateLimitPolicyReconciler) Reconcile(eventCtx context.Context, req ctrl
 	markedForDeletion := rlp.GetDeletionTimestamp() != nil
 
 	// fetch the target network object
-	targetNetworkObject, err := reconcilers2.FetchTargetRefObject(ctx, r.Client(), rlp.GetTargetRef(), rlp.Namespace)
+	targetNetworkObject, err := reconcilerutils.FetchTargetRefObject(ctx, r.Client(), rlp.GetTargetRef(), rlp.Namespace)
 	if err != nil {
 		if !markedForDeletion {
 			if apierrors.IsNotFound(err) {
@@ -172,7 +172,7 @@ func (r *RateLimitPolicyReconciler) reconcileResources(ctx context.Context, rlp
 	}
 
 	// reconcile based on gateway diffs
-	gatewayDiffObj, err := reconcilers2.ComputeGatewayDiffs(ctx, r.Client(), rlp, targetNetworkObject)
+	gatewayDiffObj, err := reconcilerutils.ComputeGatewayDiffs(ctx, r.Client(), rlp, targetNetworkObject)
 	if err != nil {
 		return err
 	}
@@ -196,7 +196,7 @@ func (r *RateLimitPolicyReconciler) reconcileResources(ctx context.Context, rlp
 
 func (r *RateLimitPolicyReconciler) deleteResources(ctx context.Context, rlp *kuadrantv1beta2.RateLimitPolicy, targetNetworkObject client.Object) error {
 	// delete based on gateway diffs
-	gatewayDiffObj, err := reconcilers2.ComputeGatewayDiffs(ctx, r.Client(), rlp, targetNetworkObject)
+	gatewayDiffObj, err := reconcilerutils.ComputeGatewayDiffs(ctx, r.Client(), rlp, targetNetworkObject)
 	if err != nil {
 		return err
 	}
diff --git a/controllers/suite_test.go b/controllers/suite_test.go
index 4c435fd15..e234e050b 100644
--- a/controllers/suite_test.go
+++ b/controllers/suite_test.go
@@ -25,7 +25,7 @@ import (
 
 	authorinoopapi "github.com/kuadrant/authorino-operator/api/v1beta1"
 	authorinoapi "github.com/kuadrant/authorino/api/v1beta2"
-	reconcilers2 "github.com/kuadrant/kuadrant-operator/pkg/library/reconcilers"
+	reconcilerutils "github.com/kuadrant/kuadrant-operator/pkg/library/reconcilers"
 	limitadorv1alpha1 "github.com/kuadrant/limitador-operator/api/v1alpha1"
 	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
@@ -130,7 +130,7 @@ var _ = BeforeSuite(func() {
 
 	err = (&AuthPolicyReconciler{
 		BaseReconciler:      authPolicyBaseReconciler,
-		TargetRefReconciler: reconcilers2.TargetRefReconciler{Client: mgr.GetClient()},
+		TargetRefReconciler: reconcilerutils.TargetRefReconciler{Client: mgr.GetClient()},
 	}).SetupWithManager(mgr)
 	Expect(err).NotTo(HaveOccurred())
 
@@ -142,7 +142,7 @@ var _ = BeforeSuite(func() {
 
 	err = (&RateLimitPolicyReconciler{
 		BaseReconciler:      rateLimitPolicyBaseReconciler,
-		TargetRefReconciler: reconcilers2.TargetRefReconciler{Client: mgr.GetClient()},
+		TargetRefReconciler: reconcilerutils.TargetRefReconciler{Client: mgr.GetClient()},
 	}).SetupWithManager(mgr)
 
 	Expect(err).NotTo(HaveOccurred())
diff --git a/main.go b/main.go
index df25e95fe..dfdb56229 100644
--- a/main.go
+++ b/main.go
@@ -22,7 +22,7 @@ import (
 	"os"
 	"runtime"
 
-	reconcilers2 "github.com/kuadrant/kuadrant-operator/pkg/library/reconcilers"
+	reconcilerutils "github.com/kuadrant/kuadrant-operator/pkg/library/reconcilers"
 	"k8s.io/utils/env"
 	"sigs.k8s.io/controller-runtime/pkg/webhook"
 
@@ -154,7 +154,7 @@ func main() {
 	)
 
 	if err = (&controllers.RateLimitPolicyReconciler{
-		TargetRefReconciler: reconcilers2.TargetRefReconciler{Client: mgr.GetClient()},
+		TargetRefReconciler: reconcilerutils.TargetRefReconciler{Client: mgr.GetClient()},
 		BaseReconciler:      rateLimitPolicyBaseReconciler,
 	}).SetupWithManager(mgr); err != nil {
 		setupLog.Error(err, "unable to create controller", "controller", "RateLimitPolicy")
@@ -168,7 +168,7 @@ func main() {
 	)
 
 	if err = (&controllers.AuthPolicyReconciler{
-		TargetRefReconciler: reconcilers2.TargetRefReconciler{Client: mgr.GetClient()},
+		TargetRefReconciler: reconcilerutils.TargetRefReconciler{Client: mgr.GetClient()},
 		BaseReconciler:      authPolicyBaseReconciler,
 	}).SetupWithManager(mgr); err != nil {
 		setupLog.Error(err, "unable to create controller", "controller", "AuthPolicy")