A feature I’d like to see in certbot is the ability to check to see if an upgrade exists, but not perform an upgrade.
I’ve automated the renewal of my certificates by simply running
certbot-auto renew --quiet --no-self-upgrade which works great. Because I’m on an officially unsupported distro (Amazon Linux 1), I don’t want the client to upgrade itself because sometimes it breaks (I’ve found a workaround, but it requires manual intervention).
I would like to be able to have my automation script send me a message when there is a new version of certbot available.
certbot-auto --quiet --no-self-upgrade checkupgrade where it would exit with a return code if a new version is available.