Add valid certificate ref condition setting

hashicorp · Apr 24, 2023 · d83a09c · d83a09c
1 parent eb3b997
commit d83a09c
Showing 1 changed file with 21 additions and 0 deletions.
diff --git a/agent/consul/gateways/controller_gateways.go b/agent/consul/gateways/controller_gateways.go
@@ -245,6 +245,14 @@ func (r *apiGatewayReconciler) reconcileGateway(_ context.Context, req controlle
 		updater.SetCondition(invalidCertificate(ref, err))
 	}
 
+	if len(certificateErrors) == 0 {
+		for _, listener := range gateway.Listeners {
+			for _, ref := range listener.TLS.Certificates {
+				updater.SetCondition(validCertificate(ref))
+			}
+		}
+	}
+
 	if len(certificateErrors) > 0 {
 		updater.SetCondition(invalidCertificates())
 	} else {
@@ -840,6 +848,19 @@ func gatewayAccepted() structs.Condition {
 	)
 }
 
+// validCertificate returns a condition used when a gateway references a
+// certificate that does not exist. It takes a ref used to scope the condition
+// to a given APIGateway listener.
+func validCertificate(ref structs.ResourceReference) structs.Condition {
+	return structs.NewGatewayCondition(
+		api.GatewayConditionResolvedRefs,
+		api.ConditionStatusTrue,
+		api.GatewayReasonResolvedRefs,
+		"resolved refs",
+		ref,
+	)
+}
+
 // invalidCertificate returns a condition used when a gateway references a
 // certificate that does not exist. It takes a ref used to scope the condition
 // to a given APIGateway listener.