From d60c335cc0f02e0439ab3ca56fb8faee71f476d2 Mon Sep 17 00:00:00 2001
From: Ludovic Fernandez <ldez@users.noreply.github.com>
Date: Tue, 16 Apr 2024 23:10:59 +0200
Subject: [PATCH] feat: fills LEGO_CERT_PFX_PATH and LEGO_CERT_PEM_PATH only
 when needed (#2160)

---
 .golangci.yml                                  |  8 ++++++--
 cmd/cmd_renew.go                               | 18 ++++++++++++++++--
 docs/content/usage/cli/Obtain-a-Certificate.md |  2 ++
 docs/content/usage/cli/Renew-a-Certificate.md  |  2 ++
 4 files changed, 26 insertions(+), 4 deletions(-)

diff --git a/.golangci.yml b/.golangci.yml
index 5986d45e..2e74d103 100644
--- a/.golangci.yml
+++ b/.golangci.yml
@@ -90,6 +90,11 @@ linters-settings:
     disable:
       - require-error
       - go-require
+  perfsprint:
+    err-error: true
+    errorf: true
+    sprintf1: true
+    strconcat: false
 
 linters:
   enable-all: true
@@ -149,7 +154,6 @@ issues:
     - 'Error return value of .((os\.)?std(out|err)\..*|.*Close|.*Flush|os\.Remove(All)?|.*printf?|os\.(Un)?Setenv). is not checked'
     - 'exported (type|method|function) (.+) should have comment or be unexported'
     - 'ST1000: at least one file in a package should have a package comment'
-    - 'fmt.Sprintf can be replaced with string'
   exclude-rules:
     - path: (.+)_test.go
       linters:
@@ -227,6 +231,6 @@ issues:
     - path: providers/dns/hosttech/internal/client_test.go
       text: 'Duplicate words \(0\) found'
     - path: cmd/cmd_renew.go
-      text: 'cyclomatic complexity \d+ of func `renewForDomains` is high'
+      text: 'cyclomatic complexity \d+ of func `(renewForDomains|renewForCSR)` is high'
     - path: providers/dns/cpanel/cpanel.go
       text: 'cyclomatic complexity 13 of func `\(\*DNSProvider\)\.CleanUp` is high'
diff --git a/cmd/cmd_renew.go b/cmd/cmd_renew.go
index 20876511..edbb3098 100644
--- a/cmd/cmd_renew.go
+++ b/cmd/cmd_renew.go
@@ -215,8 +215,14 @@ func renewForDomains(ctx *cli.Context, client *lego.Client, certsStorage *Certif
 	meta[renewEnvCertDomain] = domain
 	meta[renewEnvCertPath] = certsStorage.GetFileName(domain, ".crt")
 	meta[renewEnvCertKeyPath] = certsStorage.GetFileName(domain, ".key")
-	meta[renewEnvCertPEMPath] = certsStorage.GetFileName(domain, ".pem")
-	meta[renewEnvCertPFXPath] = certsStorage.GetFileName(domain, ".pfx")
+
+	if certsStorage.pem {
+		meta[renewEnvCertPEMPath] = certsStorage.GetFileName(domain, ".pem")
+	}
+
+	if certsStorage.pfx {
+		meta[renewEnvCertPFXPath] = certsStorage.GetFileName(domain, ".pfx")
+	}
 
 	return launchHook(ctx.String("renew-hook"), meta)
 }
@@ -290,6 +296,14 @@ func renewForCSR(ctx *cli.Context, client *lego.Client, certsStorage *Certificat
 	meta[renewEnvCertPath] = certsStorage.GetFileName(domain, ".crt")
 	meta[renewEnvCertKeyPath] = certsStorage.GetFileName(domain, ".key")
 
+	if certsStorage.pem {
+		meta[renewEnvCertPEMPath] = certsStorage.GetFileName(domain, ".pem")
+	}
+
+	if certsStorage.pfx {
+		meta[renewEnvCertPFXPath] = certsStorage.GetFileName(domain, ".pfx")
+	}
+
 	return launchHook(ctx.String("renew-hook"), meta)
 }
 
diff --git a/docs/content/usage/cli/Obtain-a-Certificate.md b/docs/content/usage/cli/Obtain-a-Certificate.md
index 6ea6d323..0d5472e4 100644
--- a/docs/content/usage/cli/Obtain-a-Certificate.md
+++ b/docs/content/usage/cli/Obtain-a-Certificate.md
@@ -104,6 +104,8 @@ Some information is provided through environment variables:
 - `LEGO_CERT_DOMAIN`: the main domain of the certificate.
 - `LEGO_CERT_PATH`: the path of the certificate.
 - `LEGO_CERT_KEY_PATH`: the path of the certificate key.
+- `LEGO_CERT_PEM_PATH`: (only with `--pem`) the path to the PEM certificate.
+- `LEGO_CERT_PFX_PATH`: (only with `--pfx`) the path to the PFX certificate.
 
 ### Use case
 
diff --git a/docs/content/usage/cli/Renew-a-Certificate.md b/docs/content/usage/cli/Renew-a-Certificate.md
index 7f04331d..f630c5ee 100644
--- a/docs/content/usage/cli/Renew-a-Certificate.md
+++ b/docs/content/usage/cli/Renew-a-Certificate.md
@@ -61,6 +61,8 @@ Some information is provided through environment variables:
 - `LEGO_CERT_DOMAIN`: the main domain of the certificate.
 - `LEGO_CERT_PATH`: the path of the certificate.
 - `LEGO_CERT_KEY_PATH`: the path of the certificate key.
+- `LEGO_CERT_PEM_PATH`: (only with `--pem`) the path to the PEM certificate.
+- `LEGO_CERT_PFX_PATH`: (only with `--pfx`) the path to the PFX certificate.
 
 See [Obtain a Certificate → Use case]({{< ref "usage/cli/Obtain-a-Certificate#use-case" >}}) for an example script.