Yes, every single one. The idea is that this is a way of selecting a certificate. You could have many different certificates with slightly different combinations of names and so the rule is that you have to mention all of the domain names in order to select one this way.
The --cert-name option which @peterthomassen mentioned is an alternative, which directly selects a particular one based on its name, not its contents. --cert-name didn't exist in older versions of Certbot and so some documentation may not suggest its use. If you want to find out the names you can use with --cert-name, you can run certbot certificates.
it will ask me to [U]pdate and if yes, replace the cert with only newdomain instead of expanding it. So if I understand correct, I will not be able to avoid to add all domains to the command (afaik currently up to 100), right?
Oh yeah, I didn’t think that part through. The Certbot command line always requires to you specify a complete list of the domains that will be covered by the new requested certificate. Using --cert-name doesn’t change that part of the behavior.