deblan-mirror/lego
1
0
Fork 0
mirror of https://github.com/go-acme/lego synced 2026-03-14 14:35:48 +01:00
Code Issues Projects Releases Packages Wiki Activity

feat: replace --run-hook and --renew-hook with --deploy-hook (#2825)

Browse source
This commit is contained in:
Ludovic Fernandez 2026-01-28 20:20:38 +01:00 committed by GitHub
commit ce4e7b042a
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 14 additions and 17 deletions
Download patch file Download diff file Expand all files Collapse all files

4
cmd/cmd_renew.go
View file

@ -209,7 +209,7 @@ func renewForDomains(ctx context.Context, cmd *cli.Command, account *storage.Acc
hook.AddPathToMetadata(meta, certRes.Domain, certRes, certsStorage)
return hook.Launch(ctx, cmd.String(flgRenewHook), cmd.Duration(flgRenewHookTimeout), meta)
return hook.Launch(ctx, cmd.String(flgDeployHook), cmd.Duration(flgDeployHookTimeout), meta)
}
func renewForCSR(ctx context.Context, cmd *cli.Command, account *storage.Account, keyType certcrypto.KeyType, certsStorage *storage.CertificatesStorage, meta map[string]string) error {
@ -302,7 +302,7 @@ func renewForCSR(ctx context.Context, cmd *cli.Command, account *storage.Account
hook.AddPathToMetadata(meta, domain, certRes, certsStorage)
return hook.Launch(ctx, cmd.String(flgRenewHook), cmd.Duration(flgRenewHookTimeout), meta)
return hook.Launch(ctx, cmd.String(flgDeployHook), cmd.Duration(flgDeployHookTimeout), meta)
}
func needRenewal(x509Cert *x509.Certificate, domain string, days int, dynamic bool) bool {

2
cmd/cmd_run.go
View file

@ -88,7 +88,7 @@ func run(ctx context.Context, cmd *cli.Command) error {
hook.AddPathToMetadata(meta, cert.Domain, cert, certsStorage)
return hook.Launch(ctx, cmd.String(flgRunHook), cmd.Duration(flgRunHookTimeout), meta)
return hook.Launch(ctx, cmd.String(flgDeployHook), cmd.Duration(flgDeployHookTimeout), meta)
}
func obtainCertificate(ctx context.Context, cmd *cli.Command, client *lego.Client) (*certificate.Resource, error) {

17
cmd/flags.go
View file

@ -88,11 +88,8 @@ const (
// Flags names related to hooks.
const (
flgRenewHook = "renew-hook"
flgRenewHookTimeout = "renew-hook-timeout"
flgRunHook = "run-hook"
flgRunHookTimeout = "run-hook-timeout"
flgDeployHook = "deploy-hook"
flgDeployHookTimeout = "deploy-hook-timeout"
)
// Flag names related to the specific run command.
@ -388,14 +385,14 @@ func CreateObtainFlags() []cli.Flag {
}
}
func CreateHookFlags(name, timeoutName string) []cli.Flag {
func CreateHookFlags() []cli.Flag {
return []cli.Flag{
&cli.StringFlag{
Name: name,
Name: flgDeployHook,
Usage: "Define a hook. The hook is executed only when the certificates are effectively created/renewed.",
},
&cli.DurationFlag{
Name: timeoutName,
Name: flgDeployHookTimeout,
Usage: "Define the timeout for the hook execution.",
Value: 2 * time.Minute,
},
@ -418,7 +415,7 @@ func createRunFlags() []cli.Flag {
flags = append(flags, CreateChallengesFlags()...)
flags = append(flags, CreateObtainFlags()...)
flags = append(flags, CreateHookFlags(flgRunHook, flgRunHookTimeout)...)
flags = append(flags, CreateHookFlags()...)
flags = append(flags,
&cli.StringFlag{
@ -435,7 +432,7 @@ func createRenewFlags() []cli.Flag {
flags = append(flags, CreateChallengesFlags()...)
flags = append(flags, CreateObtainFlags()...)
flags = append(flags, CreateHookFlags(flgRenewHook, flgRenewHookTimeout)...)
flags = append(flags, CreateHookFlags()...)
flags = append(flags,
&cli.IntFlag{

8
docs/data/zz_cli_help.toml generated
View file

@ -76,8 +76,8 @@ OPTIONS:
--preferred-chain string If the CA offers multiple certificate chains, prefer the chain with an issuer matching this Subject Common Name. If no match, the default offered chain will be used.
--profile string If the CA offers multiple certificate profiles (draft-ietf-acme-profiles), choose this one.
--always-deactivate-authorizations string Force the authorizations to be relinquished even if the certificate request was successful.
--run-hook string Define a hook. The hook is executed only when the certificates are effectively created/renewed.
--run-hook-timeout duration Define the timeout for the hook execution. (default: 2m0s)
--deploy-hook string Define a hook. The hook is executed only when the certificates are effectively created/renewed.
--deploy-hook-timeout duration Define the timeout for the hook execution. (default: 2m0s)
--private-key string Path to private key (in PEM encoding) for the certificate. By default, the private key is generated.
--help, -h show help
"""
@ -136,8 +136,8 @@ OPTIONS:
--preferred-chain string If the CA offers multiple certificate chains, prefer the chain with an issuer matching this Subject Common Name. If no match, the default offered chain will be used.
--profile string If the CA offers multiple certificate profiles (draft-ietf-acme-profiles), choose this one.
--always-deactivate-authorizations string Force the authorizations to be relinquished even if the certificate request was successful.
--renew-hook string Define a hook. The hook is executed only when the certificates are effectively created/renewed.
--renew-hook-timeout duration Define the timeout for the hook execution. (default: 2m0s)
--deploy-hook string Define a hook. The hook is executed only when the certificates are effectively created/renewed.
--deploy-hook-timeout duration Define the timeout for the hook execution. (default: 2m0s)
--days int The number of days left on a certificate to renew it. (default: 30)
--dynamic Compute dynamically, based on the lifetime of the certificate(s), when to renew: use 1/3rd of the lifetime left, or 1/2 of the lifetime for short-lived certificates). This supersedes --days and will be the default behavior in Lego v5.
--ari-disable Do not use the renewalInfo endpoint (RFC9773) to check if a certificate should be renewed.