forked from TrueCloudLab/lego
Merge pull request #45 from xenolf/ensure-non-zero-error-return
Make sure the CLI returns proper non-zero exit codes on errors.
This commit is contained in:
xenolf
commit
1b07617a49
2 changed files with 24 additions and 24 deletions
|
|
@ -233,7 +233,7 @@ func (c *Client) ObtainCertificates(domains []string, bundle bool) ([]Certificat
|
||||||
// If bundle is true, the []byte contains both the issuer certificate and
|
// If bundle is true, the []byte contains both the issuer certificate and
|
||||||
// your issued certificate as a bundle.
|
// your issued certificate as a bundle.
|
||||||
// This function will never return a partial certificate. If one domain in the list fails,
|
// This function will never return a partial certificate. If one domain in the list fails,
|
||||||
// the while certificate will fail.
|
// the whole certificate will fail.
|
||||||
func (c *Client) ObtainSANCertificate(domains []string, bundle bool) (CertificateResource, map[string]error) {
|
func (c *Client) ObtainSANCertificate(domains []string, bundle bool) (CertificateResource, map[string]error) {
|
||||||
if bundle {
|
if bundle {
|
||||||
logf("[INFO] acme: Obtaining bundled SAN certificate for %v", strings.Join(domains, ", "))
|
logf("[INFO] acme: Obtaining bundled SAN certificate for %v", strings.Join(domains, ", "))
|
||||||
|
|
|
||||||
|
|
@ -23,7 +23,7 @@ func checkFolder(path string) error {
|
||||||
func setup(c *cli.Context) (*Configuration, *Account, *acme.Client) {
|
func setup(c *cli.Context) (*Configuration, *Account, *acme.Client) {
|
||||||
err := checkFolder(c.GlobalString("path"))
|
err := checkFolder(c.GlobalString("path"))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger().Fatalf("Cound not check/create path: %v", err)
|
logger().Fatalf("Cound not check/create path: %s", err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
conf := NewConfiguration(c)
|
conf := NewConfiguration(c)
|
||||||
|
|
@ -36,7 +36,7 @@ func setup(c *cli.Context) (*Configuration, *Account, *acme.Client) {
|
||||||
|
|
||||||
client, err := acme.NewClient(c.GlobalString("server"), acc, conf.RsaBits(), conf.OptPort())
|
client, err := acme.NewClient(c.GlobalString("server"), acc, conf.RsaBits(), conf.OptPort())
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger().Fatal("Could not create client:", err)
|
logger().Fatalf("Could not create client: %s", err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
return conf, acc, client
|
return conf, acc, client
|
||||||
|
|
@ -51,22 +51,22 @@ func saveCertRes(certRes acme.CertificateResource, conf *Configuration) {
|
||||||
|
|
||||||
err := ioutil.WriteFile(certOut, certRes.Certificate, 0600)
|
err := ioutil.WriteFile(certOut, certRes.Certificate, 0600)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger().Printf("Unable to save Certificate for domain %s\n\t%v", certRes.Domain, err)
|
logger().Fatalf("Unable to save Certificate for domain %s\n\t%s", certRes.Domain, err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
err = ioutil.WriteFile(privOut, certRes.PrivateKey, 0600)
|
err = ioutil.WriteFile(privOut, certRes.PrivateKey, 0600)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger().Printf("Unable to save PrivateKey for domain %s\n\t%v", certRes.Domain, err)
|
logger().Fatalf("Unable to save PrivateKey for domain %s\n\t%s", certRes.Domain, err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
jsonBytes, err := json.MarshalIndent(certRes, "", "\t")
|
jsonBytes, err := json.MarshalIndent(certRes, "", "\t")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger().Printf("Unable to marshal CertResource for domain %s\n\t%v", certRes.Domain, err)
|
logger().Fatalf("Unable to marshal CertResource for domain %s\n\t%s", certRes.Domain, err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
err = ioutil.WriteFile(metaOut, jsonBytes, 0600)
|
err = ioutil.WriteFile(metaOut, jsonBytes, 0600)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger().Printf("Unable to save CertResource for domain %s\n\t%v", certRes.Domain, err)
|
logger().Fatalf("Unable to save CertResource for domain %s\n\t%s", certRes.Domain, err.Error())
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -75,7 +75,7 @@ func run(c *cli.Context) {
|
||||||
if acc.Registration == nil {
|
if acc.Registration == nil {
|
||||||
reg, err := client.Register()
|
reg, err := client.Register()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger().Fatalf("Could not complete registration\n\t%v", err)
|
logger().Fatalf("Could not complete registration\n\t%s", err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
acc.Registration = reg
|
acc.Registration = reg
|
||||||
|
|
@ -100,7 +100,7 @@ func run(c *cli.Context) {
|
||||||
logger().Println("Do you accept the TOS? Y/n")
|
logger().Println("Do you accept the TOS? Y/n")
|
||||||
text, err := reader.ReadString('\n')
|
text, err := reader.ReadString('\n')
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger().Fatalf("Could not read from console -> %v", err)
|
logger().Fatalf("Could not read from console -> %s", err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
text = strings.Trim(text, "\r\n")
|
text = strings.Trim(text, "\r\n")
|
||||||
|
|
@ -112,7 +112,7 @@ func run(c *cli.Context) {
|
||||||
if text == "Y" || text == "y" || text == "" {
|
if text == "Y" || text == "y" || text == "" {
|
||||||
err = client.AgreeToTOS()
|
err = client.AgreeToTOS()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger().Fatalf("Could not agree to tos -> %v", err)
|
logger().Fatalf("Could not agree to tos -> %s", err)
|
||||||
}
|
}
|
||||||
acc.Save()
|
acc.Save()
|
||||||
break
|
break
|
||||||
|
|
@ -129,13 +129,18 @@ func run(c *cli.Context) {
|
||||||
cert, failures := client.ObtainSANCertificate(c.GlobalStringSlice("domains"), true)
|
cert, failures := client.ObtainSANCertificate(c.GlobalStringSlice("domains"), true)
|
||||||
if len(failures) > 0 {
|
if len(failures) > 0 {
|
||||||
for k, v := range failures {
|
for k, v := range failures {
|
||||||
logger().Printf("[%s] Could not obtain certificates\n\t%v", k, v)
|
logger().Printf("[%s] Could not obtain certificates\n\t%s", k, v.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Make sure to return a non-zero exit code if ObtainSANCertificate
|
||||||
|
// returned at least one error. Due to us not returning partial
|
||||||
|
// certificate we can just exit here instead of at the end.
|
||||||
|
os.Exit(1)
|
||||||
}
|
}
|
||||||
|
|
||||||
err := checkFolder(conf.CertPath())
|
err := checkFolder(conf.CertPath())
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger().Fatalf("Cound not check/create path: %v", err)
|
logger().Fatalf("Cound not check/create path: %s", err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
saveCertRes(cert, conf)
|
saveCertRes(cert, conf)
|
||||||
|
|
@ -147,7 +152,7 @@ func revoke(c *cli.Context) {
|
||||||
|
|
||||||
err := checkFolder(conf.CertPath())
|
err := checkFolder(conf.CertPath())
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger().Fatalf("Cound not check/create path: %v", err)
|
logger().Fatalf("Cound not check/create path: %s", err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
for _, domain := range c.GlobalStringSlice("domains") {
|
for _, domain := range c.GlobalStringSlice("domains") {
|
||||||
|
|
@ -158,7 +163,7 @@ func revoke(c *cli.Context) {
|
||||||
|
|
||||||
err = client.RevokeCertificate(certBytes)
|
err = client.RevokeCertificate(certBytes)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger().Printf("Error while revoking the certificate for domain %s\n\t%v", domain, err)
|
logger().Fatalf("Error while revoking the certificate for domain %s\n\t%s", domain, err.Error())
|
||||||
} else {
|
} else {
|
||||||
logger().Print("Certificate was revoked.")
|
logger().Print("Certificate was revoked.")
|
||||||
}
|
}
|
||||||
|
|
@ -178,8 +183,7 @@ func renew(c *cli.Context) {
|
||||||
|
|
||||||
certBytes, err := ioutil.ReadFile(certPath)
|
certBytes, err := ioutil.ReadFile(certPath)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger().Printf("Error while loading the certificate for domain %s\n\t%v", domain, err)
|
logger().Fatalf("Error while loading the certificate for domain %s\n\t%s", domain, err.Error())
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if c.IsSet("days") {
|
if c.IsSet("days") {
|
||||||
|
|
@ -195,21 +199,18 @@ func renew(c *cli.Context) {
|
||||||
|
|
||||||
keyBytes, err := ioutil.ReadFile(privPath)
|
keyBytes, err := ioutil.ReadFile(privPath)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger().Printf("Error while loading the private key for domain %s\n\t%v", domain, err)
|
logger().Fatalf("Error while loading the private key for domain %s\n\t%s", domain, err.Error())
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
metaBytes, err := ioutil.ReadFile(metaPath)
|
metaBytes, err := ioutil.ReadFile(metaPath)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger().Printf("Error while loading the meta data for domain %s\n\t%v", domain, err)
|
logger().Fatalf("Error while loading the meta data for domain %s\n\t%s", domain, err.Error())
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
var certRes acme.CertificateResource
|
var certRes acme.CertificateResource
|
||||||
err = json.Unmarshal(metaBytes, &certRes)
|
err = json.Unmarshal(metaBytes, &certRes)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger().Printf("Error while marshalling the meta data for domain %s\n\t%v", domain, err)
|
logger().Fatalf("Error while marshalling the meta data for domain %s\n\t%s", domain, err.Error())
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
certRes.PrivateKey = keyBytes
|
certRes.PrivateKey = keyBytes
|
||||||
|
|
@ -217,8 +218,7 @@ func renew(c *cli.Context) {
|
||||||
|
|
||||||
newCert, err := client.RenewCertificate(certRes, true, true)
|
newCert, err := client.RenewCertificate(certRes, true, true)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger().Printf("%v", err)
|
logger().Fatalf("%s", err.Error())
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
saveCertRes(newCert, conf)
|
saveCertRes(newCert, conf)
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue