Record Failed condition in signer controller

pkg/controller/certificates/certificate_controller_utils.go

@@ -16,7 +16,10 @@ limitations under the License.
 
 package certificates
 
-import certificates "k8s.io/api/certificates/v1beta1"
+import (
+	certificates "k8s.io/api/certificates/v1beta1"
+	v1 "k8s.io/api/core/v1"
+)
 
 // IsCertificateRequestApproved returns true if a certificate request has the
 // "Approved" condition and no "Denied" conditions; false otherwise.
@@ -25,6 +28,16 @@ func IsCertificateRequestApproved(csr *certificates.CertificateSigningRequest) b
 	return approved && !denied
 }
 
+// HasCondition returns true if the csr contains a condition of the specified type with a status that is set to True or is empty
+func HasTrueCondition(csr *certificates.CertificateSigningRequest, conditionType certificates.RequestConditionType) bool {
+	for _, c := range csr.Status.Conditions {
+		if c.Type == conditionType && (len(c.Status) == 0 || c.Status == v1.ConditionTrue) {
+			return true
+		}
+	}
+	return false
+}
+
 func GetCertApprovalCondition(status *certificates.CertificateSigningRequestStatus) (approved bool, denied bool) {
 	for _, c := range status.Conditions {
 		if c.Type == certificates.CertificateApproved {