Sort domains before comparing

deps/common

@@ -1 +1 @@
-Subproject commit a1738a81645748892a34d990c6df07cd1b4815ad
+Subproject commit 026777bd644b84396138f1c3e940c93d1f78b563

images/acme-to-vault/Dockerfile

@@ -1,4 +1,4 @@
-FROM [[ .docker.repo ]][[ .docker.base_images.alpine ]]
+FROM [[ .docker.repo ]][[ .docker.base_images.alpine.image ]]
 MAINTAINER [[ .docker.maintainer ]]
 
 ENV ACME_HTTP_PORT=8787 \

images/acme-to-vault/root/usr/local/bin/acme-to-vault.sh

@@ -37,8 +37,9 @@ main(){
       CN=$(printenv ${CERT} | sed -E 's/([^,]+).*/\1/')
       ACTION=run
       if [ -e /secrets/acme/certificates/${CN}.crt -a -e /secrets/acme/certificates/${CN}.key ]; then
-        local CUR_DOMAIN=$(openssl x509 -in /secrets/acme/certificates/${CN}.crt -noout -ext subjectAltName | tail -1 | sed -E 's/\s+DNS://g')
-        if [ "${CUR_DOMAIN}" = "$(printenv ${CERT})" ]; then
+        local CONF_DOMAIN=$(printenv ${CERT} | tr "," "\n" | sort | tr "\n" "," | sed -E 's/,$/\n/')
+        local CUR_DOMAIN=$(openssl x509 -in /secrets/acme/certificates/${CN}.crt -noout -ext subjectAltName | tail -1 | sed -E 's/\s+DNS://g' | tr "," "\n" | sort | tr "\n" "," | sed -E 's/,$/\n/')
+        if [ "${CUR_DOMAIN}" = "${CONF_DOMAIN}" ]; then
           echo "Certificate for ${CN} already exists, trying to renew (if needed)"
           ACTION=renew
         else

variables.yml

@@ -5,7 +5,7 @@ acme:
   job_name: acme-to-vault
 
   # The Docker image to use
-  image: danielberteaud/acme-to-vault:20230828-1
+  image: danielberteaud/acme-to-vault:20230903-1
 
   # If a cron expression is defined, the service will stay running and renew certs.
   # If an empty string, the container will exit after running once