From c5cf376c5e56d37c37f9670b0f4e4a1c5e300bc6 Mon Sep 17 00:00:00 2001
From: Louis Taylor <louis@kragniz.eu>
Date: Wed, 25 Jul 2018 15:45:37 +0100
Subject: [PATCH] Run ValidateCertificateForIssuer during sync

---
 pkg/controller/certificates/sync.go | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/pkg/controller/certificates/sync.go b/pkg/controller/certificates/sync.go
index aa98aa8e3..e02ee4f4f 100644
--- a/pkg/controller/certificates/sync.go
+++ b/pkg/controller/certificates/sync.go
@@ -82,6 +82,22 @@ func (c *Controller) Sync(ctx context.Context, crt *v1alpha1.Certificate) (err e
 		return err
 	}
 
+	el = validation.ValidateCertificateForIssuer(crtCopy, issuerObj)
+	if len(el) > 0 {
+		msg := fmt.Sprintf("Resource validation failed: %v", el.ToAggregate())
+		crtCopy.UpdateStatusCondition(v1alpha1.CertificateConditionReady, v1alpha1.ConditionFalse, errorConfig, msg, false)
+		return
+	} else {
+		for i, c := range crtCopy.Status.Conditions {
+			if c.Type == v1alpha1.CertificateConditionReady {
+				if c.Reason == errorConfig && c.Status == v1alpha1.ConditionFalse {
+					crtCopy.Status.Conditions = append(crtCopy.Status.Conditions[:i], crtCopy.Status.Conditions[i+1:]...)
+					break
+				}
+			}
+		}
+	}
+
 	issuerReady := issuerObj.HasCondition(v1alpha1.IssuerCondition{
 		Type:   v1alpha1.IssuerConditionReady,
 		Status: v1alpha1.ConditionTrue,