Remove letsencrypt-email flag requirement

[welteki]

Description

Remove the --letsencrypt-email flag from the CLI as Let's Encrypt no longer requires an email address for certificate issuance. This simplifies the user experience by removing an unnecessary mandatory parameter when creating tunnel servers with HTTPS domains.

How Has This Been Tested?

• All existing unit tests pass
• E2E testing performed against Hetzner Cloud:
  • Successfully provisioned server without --letsencrypt-email flag
  • Verified generated user-data script is correct

How are existing users impacted? What migration steps/scripts do we need?

Breaking Change: Users will need can no longer use the --letsencrypt-email flag. The flag is completely removed and will cause an error if specified.

Before:

inletsctl create \
  --letsencrypt-domain example.com \
  --letsencrypt-email webmaster@example.com

After:

inletsctl create \
  --letsencrypt-domain example.com

Checklist:

I have:

• updated the documentation and/or roadmap (if required)
• read the CONTRIBUTION guide
• signed-off my commits with git commit -s
• added unit tests

Blockers

• Requires new inlets-pro release that supports omitting --letsencrypt-email
• Default inletsProDefaultVersion needs to be bumped to the new release version once available

[alexellis]

The build is failing on CI.. and also.. why a draft for a simple flag removal?

[alexellis]

Seems like unit tests were not run.. these correspond to the inlets flags and the userdata generation.

I guess we want an inlets-pro release before all this is merged.

[welteki]

Seems like unit tests were not run.. these correspond to the inlets flags and the userdata generation.

Looking into why the tests failed.

I guess we want an inlets-pro release before all this is merged.

Yes we do want in inlets-pro release first.

[reviewfn]

AI Pull Request Overview

Summary

• Removes mandatory --letsencrypt-email flag requirement from CLI
• Updates command examples to exclude email flag
• Modifies MakeHTTPSUserdata function to omit email parameter
• Bumps default inlets-pro version to 0.11.5
• Updates unit tests to reflect removed email functionality
• Removes email validation logic when domains are specified
• Generates user-data script without email flag for inlets-pro

Approval rating (1-10)

7 - Code changes are minimal and targeted, but introduces breaking change without clear migration path for existing users.

Summary per file

Summary per file

File path	Summary
cmd/create.go	Removes letsencrypt-email flag, updates function signatures, bumps version
cmd/create_test.go	Updates test calls and expected outputs to remove email references

Overall Assessment

The changes effectively remove the email requirement for Let's Encrypt certificate issuance, aligning with upstream changes. However, this introduces a breaking change for existing users who may have scripts or automation relying on the email flag. The version bump to 0.11.5 assumes this version of inlets-pro supports omitting the email, but this should be verified. Testing coverage appears adequate with unit tests updated, but integration testing against the new inlets-pro version is critical before release.

Detailed Review

Detailed Review

Breaking Change Impact (High Priority)

The removal of --letsencrypt-email as a required flag creates a breaking change for existing users. While the PR description acknowledges this as a "Breaking Change," there's no clear migration documentation provided. Users with existing automation or scripts will encounter errors when the flag is specified, as it's completely removed rather than made optional. Consider implementing a deprecation warning in a future version instead of immediate removal to provide a smoother transition.

Version Bump Assumption (Medium Priority)

The code assumes inlets-pro version 0.11.5 supports omitting the --letsencrypt-email flag. This needs verification against the actual inlets-pro release. If 0.11.5 doesn't support this, the change will fail at runtime when the user-data script executes. The PR description mentions this as a blocker that needs to be resolved before merging.

Error Handling (Medium Priority)

When --letsencrypt-email is provided by a user (despite being removed), the current implementation will likely result in an "unknown flag" error from cobra. This could be improved with a custom flag validation that provides a clearer error message explaining the removal and suggesting the new usage.

Test Coverage (Low Priority)

Unit tests have been updated appropriately, but there's no test case covering the scenario where a user attempts to provide the email flag. Consider adding a test that verifies the flag is no longer accepted.

Security Considerations (Low Priority)

Removing the email requirement reduces user friction but also removes a contact method for certificate renewal notifications. While Let's Encrypt no longer requires this, consider documenting the implications for users who may want to receive renewal alerts.

Consistency with Upstream (Info)

The change aligns with Let's Encrypt's policy change, which is appropriate. However, ensure that inlets-pro's implementation matches this expectation.

Code Quality

The changes are minimal and focused, which reduces risk of introducing bugs. Function signatures are correctly updated, and dead code is removed. The user-data script generation properly omits the email parameter.

AI agent details.

Agent processing time: 29.2s
Environment preparation time: 6.404s
Total time from webhook: 42.163s