fix(cli): create client only when needed (#2372)

.golangci.yml

@@ -249,6 +249,10 @@ issues:
       text: 'cyclomatic complexity \d+ of func `(renewForDomains|renewForCSR)` is high'
       linters:
         - gocyclo
+    - path: cmd/cmd_renew.go
+      text: "Function 'renewForDomains' has too many statements"
+      linters:
+        - funlen
     - path: providers/dns/cpanel/cpanel.go
       text: 'cyclomatic complexity 13 of func `\(\*DNSProvider\)\.CleanUp` is high'
       linters:

cmd/cmd_renew.go

@@ -123,8 +123,7 @@ func createRenew() *cli.Command {
 }
 
 func renew(ctx *cli.Context) error {
-	account, client := setup(ctx, NewAccountsStorage(ctx))
-	setupChallenges(ctx, client)
+	account, keyType := setupAccount(ctx, NewAccountsStorage(ctx))
 
 	if account.Registration == nil {
 		log.Fatalf("Account %s is not registered. Use 'run' to register a new account.\n", account.Email)
@@ -138,14 +137,14 @@ func renew(ctx *cli.Context) error {
 
 	// CSR
 	if ctx.IsSet(flgCSR) {
-		return renewForCSR(ctx, client, certsStorage, bundle, meta)
+		return renewForCSR(ctx, account, keyType, certsStorage, bundle, meta)
 	}
 
 	// Domains
-	return renewForDomains(ctx, client, certsStorage, bundle, meta)
+	return renewForDomains(ctx, account, keyType, certsStorage, bundle, meta)
 }
 
-func renewForDomains(ctx *cli.Context, client *lego.Client, certsStorage *CertificatesStorage, bundle bool, meta map[string]string) error {
+func renewForDomains(ctx *cli.Context, account *Account, keyType certcrypto.KeyType, certsStorage *CertificatesStorage, bundle bool, meta map[string]string) error {
 	domains := ctx.StringSlice(flgDomains)
 	domain := domains[0]
 
@@ -162,7 +161,11 @@ func renewForDomains(ctx *cli.Context, client *lego.Client, certsStorage *Certif
 	var ariRenewalTime *time.Time
 	var replacesCertID string
 
+	var client *lego.Client
+
 	if !ctx.Bool(flgARIDisable) {
+		client = setupClient(ctx, account, keyType)
+
 		ariRenewalTime = getARIRenewalTime(ctx, cert, domain, client)
 		if ariRenewalTime != nil {
 			now := time.Now().UTC()
@@ -189,6 +192,10 @@ func renewForDomains(ctx *cli.Context, client *lego.Client, certsStorage *Certif
 		return nil
 	}
 
+	if client == nil {
+		client = setupClient(ctx, account, keyType)
+	}
+
 	// This is just meant to be informal for the user.
 	timeLeft := cert.NotAfter.Sub(time.Now().UTC())
 	log.Infof("[%s] acme: Trying renewal with %d hours remaining", domain, int(timeLeft.Hours()))
@@ -250,7 +257,7 @@ func renewForDomains(ctx *cli.Context, client *lego.Client, certsStorage *Certif
 	return launchHook(ctx.String(flgRenewHook), meta)
 }
 
-func renewForCSR(ctx *cli.Context, client *lego.Client, certsStorage *CertificatesStorage, bundle bool, meta map[string]string) error {
+func renewForCSR(ctx *cli.Context, account *Account, keyType certcrypto.KeyType, certsStorage *CertificatesStorage, bundle bool, meta map[string]string) error {
 	csr, err := readCSRFile(ctx.String(flgCSR))
 	if err != nil {
 		log.Fatal(err)
@@ -274,7 +281,11 @@ func renewForCSR(ctx *cli.Context, client *lego.Client, certsStorage *Certificat
 	var ariRenewalTime *time.Time
 	var replacesCertID string
 
+	var client *lego.Client
+
 	if !ctx.Bool(flgARIDisable) {
+		client = setupClient(ctx, account, keyType)
+
 		ariRenewalTime = getARIRenewalTime(ctx, cert, domain, client)
 		if ariRenewalTime != nil {
 			now := time.Now().UTC()
@@ -296,6 +307,10 @@ func renewForCSR(ctx *cli.Context, client *lego.Client, certsStorage *Certificat
 		return nil
 	}
 
+	if client == nil {
+		client = setupClient(ctx, account, keyType)
+	}
+
 	// This is just meant to be informal for the user.
 	timeLeft := cert.NotAfter.Sub(time.Now().UTC())
 	log.Infof("[%s] acme: Trying renewal with %d hours remaining", domain, int(timeLeft.Hours()))

cmd/cmd_revoke.go

@@ -38,12 +38,14 @@ func createRevoke() *cli.Command {
 }
 
 func revoke(ctx *cli.Context) error {
-	acc, client := setup(ctx, NewAccountsStorage(ctx))
+	account, keyType := setupAccount(ctx, NewAccountsStorage(ctx))
 
-	if acc.Registration == nil {
-		log.Fatalf("Account %s is not registered. Use 'run' to register a new account.\n", acc.Email)
+	if account.Registration == nil {
+		log.Fatalf("Account %s is not registered. Use 'run' to register a new account.\n", account.Email)
 	}
 
+	client := newClient(ctx, account, keyType)
+
 	certsStorage := NewCertificatesStorage(ctx)
 	certsStorage.CreateRootFolder()
 

cmd/cmd_run.go

@@ -93,8 +93,9 @@ backups of this folder is ideal.
 func run(ctx *cli.Context) error {
 	accountsStorage := NewAccountsStorage(ctx)
 
-	account, client := setup(ctx, accountsStorage)
-	setupChallenges(ctx, client)
+	account, keyType := setupAccount(ctx, accountsStorage)
+
+	client := setupClient(ctx, account, keyType)
 
 	if account.Registration == nil {
 		reg, err := register(ctx, client)

cmd/setup.go

@@ -18,7 +18,16 @@ import (
 
 const filePerm os.FileMode = 0o600
 
-func setup(ctx *cli.Context, accountsStorage *AccountsStorage) (*Account, *lego.Client) {
+// setupClient creates a new client with challenge settings.
+func setupClient(ctx *cli.Context, account *Account, keyType certcrypto.KeyType) *lego.Client {
+	client := newClient(ctx, account, keyType)
+
+	setupChallenges(ctx, client)
+
+	return client
+}
+
+func setupAccount(ctx *cli.Context, accountsStorage *AccountsStorage) (*Account, certcrypto.KeyType) {
 	keyType := getKeyType(ctx)
 	privateKey := accountsStorage.GetPrivateKey(keyType)
 
@@ -29,9 +38,7 @@ func setup(ctx *cli.Context, accountsStorage *AccountsStorage) (*Account, *lego.
 		account = &Account{Email: accountsStorage.GetUserID(), key: privateKey}
 	}
 
-	client := newClient(ctx, account, keyType)
-
-	return account, client
+	return account, keyType
 }
 
 func newClient(ctx *cli.Context, acc registration.User, keyType certcrypto.KeyType) *lego.Client {