Merge "letsencrypt-acme-sh-install: handle errors better in driver"

playbooks/roles/letsencrypt-acme-sh-install/files/driver.sh

@@ -23,6 +23,11 @@ fi
 # Ensure we don't write out files as world-readable
 umask 027
 
+function _exit {
+    echo "--- end   --- $(date -u '+%Y-%m-%dT%k:%M:%S%z') ---" >> ${LOG_FILE}
+}
+trap _exit EXIT
+
 echo -e  "\n--- start --- ${1} --- $(date -u '+%Y-%m-%dT%k:%M:%S%z') ---" >> ${LOG_FILE}
 
 if [[ ${1} == "issue" ]]; then
@@ -49,6 +54,16 @@ if [[ ${1} == "issue" ]]; then
                 # shell magic ^ is
                 #  - extract everything between ' '
                 #  - stick every two lines together, separated by a :
+        _exit_code=${PIPESTATUS[0]}
+        if [[ ${_exit_code} == 2 ]]; then
+            echo "Valid and current certificate found" >> ${LOG_FILE}
+            exit 0
+        elif [[ ${_exit_code} == 3 ]]; then
+            echo "Certificate request issued" >> ${LOG_FILE}
+        else
+            echo "Unknown failure: ${_exit_code}" >> ${LOG_FILE}
+            exit ${_exit_code}
+        fi
     done
 elif [[ ${1} == "issue-selfsign" ]]; then
     shift;
@@ -91,6 +106,16 @@ elif [[ ${1} == "renew" ]]; then
             --force \
             --renew \
             $arg 2>&1 | tee -a ${LOG_FILE}
+        _exit_code=${PIPESTATUS[0]}
+        if [[ ${_exit_code} == 2 ]]; then
+            echo "Valid and current certificate found" >> ${LOG_FILE}
+            exit 0
+        elif [[ ${_exit_code} == 0 ]]; then
+            echo "Certificate renewed" >> ${LOG_FILE}
+        else
+            echo "Unknown failure: ${_exit_code}" >> ${LOG_FILE}
+            exit ${_exit_code}
+        fi
     done
 elif [[ ${1} == "selfsign" ]]; then
     # For testing, simulate the key generation
@@ -160,5 +185,3 @@ else
     echo "Unknown driver arg: $1"
     exit 1
 fi
-
-echo "--- end   --- $(date -u '+%Y-%m-%dT%k:%M:%S%z') ---" >> ${LOG_FILE}