feat: add Programmed condition to KongUpstreamPolicy ancestors status

CHANGELOG.md

@@ -131,9 +131,10 @@ Adding a new version? You'll need three changes:
   enforce `KongUpstreamPolicy` status. 
   The controller will set an ancestor status in `KongUpstreamPolicy` status for 
   each of its ancestors (i.e. `Service` or `KongServiceFacade`) with the `Accepted`
-  condition.
+  and `Programmed` condition.
   [#5185](https://github.com/Kong/kubernetes-ingress-controller/pull/5185)
   [#5428](https://github.com/Kong/kubernetes-ingress-controller/pull/5428)
+  [#5444](https://github.com/Kong/kubernetes-ingress-controller/pull/5444)
 - New CRD `KongVault` to reperesent a custom Kong vault for storing senstive
   data used in plugin configurations. Now users can create a `KongVault` to
   create a custom Kong vault and reference the values in configurations of

internal/controllers/configuration/kongupstreampolicy_utils.go

@@ -32,10 +32,11 @@ const (
 // ancestorStatus represents the status of an ancestor (Service or KongServiceFacade).
 // A collection of all ancestors' statuses is used to build the KongUpstreamPolicy status.
 type ancestorStatus struct {
-	namespacedName    k8stypes.NamespacedName
-	ancestorKind      upstreamPolicyAncestorKind
-	acceptedCondition metav1.Condition
-	creationTimestamp metav1.Time
+	namespacedName      k8stypes.NamespacedName
+	ancestorKind        upstreamPolicyAncestorKind
+	acceptedCondition   metav1.Condition
+	programmedCondition metav1.Condition
+	creationTimestamp   metav1.Time
 }
 
 // serviceKey is used as a key for indexing Services by "namespace/name".
@@ -146,38 +147,58 @@ func (r *KongUpstreamPolicyReconciler) buildAncestorsStatus(
 		Reason:             string(gatewayapi.PolicyReasonAccepted),
 		LastTransitionTime: metav1.Now(),
 	}
-	conflictedCondition := metav1.Condition{
-		Type:               string(gatewayapi.PolicyConditionAccepted),
-		Status:             metav1.ConditionFalse,
-		Reason:             string(gatewayapi.PolicyReasonConflicted),
+	programmedCondition := metav1.Condition{
+		Type:               string(gatewayapi.GatewayConditionProgrammed),
+		Status:             metav1.ConditionTrue,
+		Reason:             string(gatewayapi.GatewayReasonProgrammed),
 		LastTransitionTime: metav1.Now(),
 	}
 
 	// Build the status for each ancestor (Services and KongServiceFacades).
 	ancestorsStatus := make([]ancestorStatus, 0, len(services)+len(serviceFacades))
 	for _, service := range services {
-		condition := acceptedCondition
+		service := service
+		acceptedCondition := acceptedCondition
 		if _, isConflicted := conflictedServices[buildServiceReference(service.Namespace, service.Name)]; isConflicted {
-			// If the service is conflicted, we will use the conflictedCondition.
-			condition = conflictedCondition
+			// If the Service is conflicted, we change it to False.
+			acceptedCondition.Status = metav1.ConditionFalse
+			acceptedCondition.Reason = string(gatewayapi.PolicyReasonConflicted)
+		}
+
+		programmedCondition := programmedCondition
+		if !r.DataplaneClient.KubernetesObjectIsConfigured(&service) {
+			// If the Service is not configured, we change it to False.
+			programmedCondition.Status = metav1.ConditionFalse
+			programmedCondition.Reason = string(gatewayapi.GatewayReasonPending)
 		}
+
 		ancestorsStatus = append(ancestorsStatus, ancestorStatus{
 			namespacedName: k8stypes.NamespacedName{
 				Namespace: service.Namespace,
 				Name:      service.Name,
 			},
-			ancestorKind:      upstreamPolicyAncestorKindService,
-			acceptedCondition: condition,
+			ancestorKind:        upstreamPolicyAncestorKindService,
+			acceptedCondition:   acceptedCondition,
+			programmedCondition: programmedCondition,
 		})
 	}
 	for _, serviceFacade := range serviceFacades {
+		serviceFacade := serviceFacade
+		programmedCondition := programmedCondition
+		if !r.DataplaneClient.KubernetesObjectIsConfigured(&serviceFacade) {
+			// If the KongServiceFacade is not configured, we change it to False.
+			programmedCondition.Status = metav1.ConditionFalse
+			programmedCondition.Reason = string(gatewayapi.GatewayReasonPending)
+		}
+
 		ancestorsStatus = append(ancestorsStatus, ancestorStatus{
 			namespacedName: k8stypes.NamespacedName{
 				Namespace: serviceFacade.Namespace,
 				Name:      serviceFacade.Name,
 			},
-			ancestorKind:      upstreamPolicyAncestorKindKongServiceFacade,
-			acceptedCondition: acceptedCondition,
+			ancestorKind:        upstreamPolicyAncestorKindKongServiceFacade,
+			acceptedCondition:   acceptedCondition,
+			programmedCondition: programmedCondition,
 		})
 	}
 
@@ -295,6 +316,7 @@ func (r *KongUpstreamPolicyReconciler) buildPolicyStatus(
 				ControllerName: gatewaycontroller.GetControllerName(),
 				Conditions: []metav1.Condition{
 					ss.acceptedCondition,
+					ss.programmedCondition,
 				},
 			},
 		)